CVE-2025-8709 HIGH

CVE-2025-8709: SQL Injection in langchain-ai/langchain

Vendor Langchain-Ai
Product langchain-ai/langchain
Weakness CWE-89 · SQLi
Published October 26, 2025
Last update October 28, 2025

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Changed
Confidentiality High
Integrity Low
Availability None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

What the vulnerability does

Description

A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of the filter operators ($eq, $ne, $gt, $lt, $gte, $lte): filter values are joined into the SQL statement by direct string concatenation instead of being passed as bound parameters. This allows attackers to inject arbitrary SQL, leading to unauthorized access to all documents, exfiltration of sensitive fields such as passwords and API keys, and a complete bypass of application-level security filters.
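The following is an added illustration of the pattern the description names, not code from langchain-ai/langchain or langgraph-checkpoint-sqlite: a filter-operator translator that concatenates values into the WHERE clause, beside one that allow-lists the operator and column names and binds every value as a parameter. The docs table, its columns and the sample rows are constructed here for the example.

```python
import sqlite3

# Filter operators the store accepts, mapped to SQL comparison operators.
# The operator names come from the advisory; the mapping itself is constructed.
OPERATORS = {"$eq": "=", "$ne": "!=", "$gt": ">", "$lt": "<", "$gte": ">=", "$lte": "<="}

# Columns a caller may filter on (constructed allow-list for the sample table).
COLUMNS = {"owner", "role", "score"}


def build_where_unsafe(filters):
    """CWE-89 shape: the filter value is spliced into the SQL text.

    Quotes inside the value end the literal and whatever follows runs as SQL.
    Kept only as the 'before' side of the comparison.
    """
    clauses = []
    for column, conditions in filters.items():
        for op, value in conditions.items():
            clauses.append(f"{column} {OPERATORS[op]} '{value}'")
    return " AND ".join(clauses)


def build_where_safe(filters):
    """Hardened shape: SQL text is built only from allow-listed tokens.

    Column and operator names are checked against fixed sets; the value never
    reaches the SQL string and is returned separately for parameter binding.
    """
    clauses, params = [], []
    for column, conditions in filters.items():
        if column not in COLUMNS:
            raise ValueError(f"unknown filter column: {column!r}")
        for op, value in conditions.items():
            if op not in OPERATORS:
                raise ValueError(f"unsupported operator: {op!r}")
            clauses.append(f"{column} {OPERATORS[op]} ?")
            params.append(value)
    return " AND ".join(clauses), params


def make_store():
    """Constructed in-memory sample store; not the project's schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE docs (id INTEGER PRIMARY KEY, owner TEXT, role TEXT, score INTEGER)"
    )
    conn.executemany(
        "INSERT INTO docs (owner, role, score) VALUES (?, ?, ?)",
        [("alice", "admin", 90), ("bob", "user", 40), ("carol", "user", 75)],
    )
    return conn


def search_unsafe(conn, filters):
    """Runs the concatenated WHERE clause; returns matching document ids."""
    sql = "SELECT id FROM docs WHERE " + build_where_unsafe(filters)
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, filters):
    """Runs the parameterized WHERE clause; returns matching document ids."""
    where, params = build_where_safe(filters)
    return [row[0] for row in conn.execute("SELECT id FROM docs WHERE " + where, params)]


if __name__ == "__main__":
    conn = make_store()
    legit = {"role": {"$eq": "user"}, "score": {"$gte": 50}}
    print(search_safe(conn, legit))  # [3]: only carol is a user with score >= 50

    # A value carrying a quote: bound as data by the safe builder, so it matches
    # nothing; spliced into the SQL by the unsafe one, so the filter collapses
    # and every row comes back, which is the filter bypass the advisory describes.
    crafted = {"owner": {"$eq": "x' OR '1'='1"}}
    print(search_unsafe(conn, crafted))  # [1, 2, 3]
    print(search_safe(conn, crafted))  # []
```

The regression check a maintainer would want is the last pair of calls: the same filter dictionary must return no rows once values are bound, and any operator or column outside the allow-list must be rejected before SQL is built rather than passed through.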

Key dates

Disclosure timeline

October 26, 2025 CVE published
October 28, 2025 Record updated

Related vulnerabilities

Related CVE