THREAT OPS › Threat News › From SQLi to RCE – Exploiting LangGraph’s Checkpointer
From SQLi to RCE – Exploiting LangGraph’s Checkpointer
<p><strong>By Yarden Porat</strong></p>
<p>AI agents need memory. Frameworks like LangGraph provide it through checkpointers – persistence layers that store execution state. But what happens when that persistence layer isn’t locked down?</p>
<h2 class="wp-block-heading"><strong>Key Points</strong></h2>
<ul class="wp-block-list"> <li>Check Point Research analyzed <strong>LangGr
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006
Indicators of compromise
- CVE-2025-67644cve
- CVE-2026-28277cve
- CVE-2026-27022cve
- CVE-2025-68664cve
- CVE-2026-28227cve
- https://cyata.ai/blog/langgrinch-langchain-core-cve-2025-68664/url