A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization system. The flaw, CVE-2025-64439, affects versions of langgraph-checkpoint before 3.0 and allows attackers to execute arbitrary Python code when untrusted data is deserialized. The vulnerability resides in LangGraph’s JsonPlusSerializer, the default serialization protocol used for checkpoint persistence. When the serializer encounters illegal […]
The post LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization appeared first on Cyber Security News.