Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged

Filter by:

With package: python312Packages.langgraph-sdk

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-28277

6.8 MEDIUM

CVSS version: 3.1
Attack vector (AV): ADJACENT_NETWORK
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 1 month, 1 week ago

LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can modify checkpoint data in the backing store (for example, after a database compromise or other privileged write access to the persistence layer), they can potentially supply a crafted payload that triggers unsafe object reconstruction when the checkpoint is loaded. No known patch is public.

References

https://github.com/langchain-ai/langgraph/security/advisories/GHSA-g48c-2wqr-h844 x_refsource_CONFIRM

Affected products

langgraph

==<= 1.0.9

Matching in nixpkgs

pkgs.langgraph-cli

Official CLI for LangGraph API

nixos-unstable 0.4.11
- nixpkgs-unstable 0.4.11
- nixos-unstable-small 0.4.11
nixos-25.11 0.4.7
- nixos-25.11-small 0.4.7
- nixpkgs-25.11-darwin 0.4.7

pkgs.python312Packages.langgraph

Build resilient language agents as graphs

nixos-25.11 1.0.5
- nixos-25.11-small 1.0.5
- nixpkgs-25.11-darwin 1.0.5

pkgs.python313Packages.langgraph

Build resilient language agents as graphs

nixos-unstable 1.0.8
- nixpkgs-unstable 1.0.8
- nixos-unstable-small 1.0.8
nixos-25.11 1.0.5
- nixos-25.11-small 1.0.5
- nixpkgs-25.11-darwin 1.0.5

pkgs.python314Packages.langgraph

Build resilient language agents as graphs

nixos-unstable 1.0.8
- nixpkgs-unstable 1.0.8
- nixos-unstable-small 1.0.8

pkgs.python312Packages.langgraph-cli

Official CLI for LangGraph API

nixos-25.11 0.4.7
- nixos-25.11-small 0.4.7
- nixpkgs-25.11-darwin 0.4.7

pkgs.python312Packages.langgraph-sdk

SDK for interacting with the LangGraph Cloud REST API

nixos-25.11 0.3.1
- nixos-25.11-small 0.3.1
- nixpkgs-25.11-darwin 0.3.1

pkgs.python313Packages.langgraph-cli

Official CLI for LangGraph API

nixos-unstable 0.4.11
- nixpkgs-unstable 0.4.11
- nixos-unstable-small 0.4.11
nixos-25.11 0.4.7
- nixos-25.11-small 0.4.7
- nixpkgs-25.11-darwin 0.4.7

pkgs.python313Packages.langgraph-sdk

SDK for interacting with the LangGraph Cloud REST API

nixos-unstable 0.3.6
- nixpkgs-unstable 0.3.6
- nixos-unstable-small 0.3.6
nixos-25.11 0.3.1
- nixos-25.11-small 0.3.1
- nixpkgs-25.11-darwin 0.3.1

pkgs.python314Packages.langgraph-cli

Official CLI for LangGraph API

nixos-unstable 0.4.11
- nixpkgs-unstable 0.4.11
- nixos-unstable-small 0.4.11

pkgs.python314Packages.langgraph-sdk

SDK for interacting with the LangGraph Cloud REST API

nixos-unstable 0.3.6
- nixpkgs-unstable 0.3.6
- nixos-unstable-small 0.3.6

pkgs.python312Packages.langgraph-prebuilt

Prebuilt agents add-on for Langgraph. Should always be bundled with langgraph

nixos-25.11 1.0.5
- nixos-25.11-small 1.0.5
- nixpkgs-25.11-darwin 1.0.5

pkgs.python313Packages.langgraph-prebuilt

Prebuilt agents add-on for Langgraph. Should always be bundled with langgraph

nixos-unstable 1.0.7
- nixpkgs-unstable 1.0.7
- nixos-unstable-small 1.0.7
nixos-25.11 1.0.5
- nixos-25.11-small 1.0.5
- nixpkgs-25.11-darwin 1.0.5

pkgs.python314Packages.langgraph-prebuilt

Prebuilt agents add-on for Langgraph. Should always be bundled with langgraph

nixos-unstable 1.0.7
- nixpkgs-unstable 1.0.7
- nixos-unstable-small 1.0.7

pkgs.python312Packages.langgraph-checkpoint

Library with base interfaces for LangGraph checkpoint savers

nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python313Packages.langgraph-checkpoint

Library with base interfaces for LangGraph checkpoint savers

nixos-unstable 4.0.0
- nixpkgs-unstable 4.0.0
- nixos-unstable-small 4.0.0
nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python314Packages.langgraph-checkpoint

Library with base interfaces for LangGraph checkpoint savers

nixos-unstable 4.0.0
- nixpkgs-unstable 4.0.0
- nixos-unstable-small 4.0.0

pkgs.python312Packages.langgraph-runtime-inmem

Inmem implementation for the LangGraph API server

nixos-25.11 0.18.0
- nixos-25.11-small 0.18.0
- nixpkgs-25.11-darwin 0.18.0

pkgs.python312Packages.langgraph-store-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python313Packages.langgraph-runtime-inmem

Inmem implementation for the LangGraph API server

nixos-unstable 0.23.2
- nixpkgs-unstable 0.23.2
- nixos-unstable-small 0.23.2
nixos-25.11 0.18.0
- nixos-25.11-small 0.18.0
- nixpkgs-25.11-darwin 0.18.0

pkgs.python313Packages.langgraph-store-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python314Packages.langgraph-runtime-inmem

Inmem implementation for the LangGraph API server

nixos-unstable 0.23.2
- nixpkgs-unstable 0.23.2
- nixos-unstable-small 0.23.2

pkgs.python314Packages.langgraph-store-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0

pkgs.python312Packages.langgraph-checkpoint-sqlite

Library with a SQLite implementation of LangGraph checkpoint saver

nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python313Packages.langgraph-checkpoint-sqlite

Library with a SQLite implementation of LangGraph checkpoint saver

nixos-unstable 3.0.3
- nixpkgs-unstable 3.0.3
- nixos-unstable-small 3.0.3
nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python314Packages.langgraph-checkpoint-sqlite

Library with a SQLite implementation of LangGraph checkpoint saver

nixos-unstable 3.0.3
- nixpkgs-unstable 3.0.3
- nixos-unstable-small 3.0.3

pkgs.python312Packages.langgraph-checkpoint-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-25.11 0.3.0
- nixos-25.11-small 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.python313Packages.langgraph-checkpoint-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-unstable 0.3.1
- nixpkgs-unstable 0.3.1
- nixos-unstable-small 0.3.1
nixos-25.11 0.3.0
- nixos-25.11-small 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.python314Packages.langgraph-checkpoint-mongodb

Integrations between MongoDB, Atlas, LangChain, and LangGraph

nixos-unstable 0.3.1
- nixpkgs-unstable 0.3.1
- nixos-unstable-small 0.3.1

pkgs.python312Packages.langgraph-checkpoint-postgres

Library with a Postgres implementation of LangGraph checkpoint saver

nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python313Packages.langgraph-checkpoint-postgres

Library with a Postgres implementation of LangGraph checkpoint saver

nixos-unstable 3.0.4
- nixpkgs-unstable 3.0.4
- nixos-unstable-small 3.0.4
nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.python314Packages.langgraph-checkpoint-postgres

Library with a Postgres implementation of LangGraph checkpoint saver

nixos-unstable 3.0.4
- nixpkgs-unstable 3.0.4
- nixos-unstable-small 3.0.4

Package maintainers

@sarahec Sarah Clark <seclark@nextquestion.net>
@drupol Pol Dellaiera <pol.dellaiera@protonmail.com>

1