LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Three security vulnerabilities in the LangGraph framework, including a critical chain enabling remote code execution, were disclosed by cybersecurity researchers on May 15, 2024. LangGraph, an open-source tool developed by LangChain, allows for the creation of sophisticated, stateful, multi-agent AI applications.

The first vulnerability, identified as CVE-2024-4068, is an SQL injection flaw within LangGraph's function calling mechanism. This flaw, if exploited, could allow an attacker to inject malicious SQL commands, potentially leading to unauthorized data access or modification.

The second vulnerability, CVE-2024-4069, is a cross-site scripting (XSS) vulnerability. This could enable attackers to inject malicious scripts into web pages viewed by other users, leading to session hijacking or data theft.

The third vulnerability, CVE-2024-4070, is a deserialization vulnerability. This could permit an attacker to execute arbitrary code on the server by providing a specially crafted serialized object.

All three vulnerabilities have been addressed in LangGraph version 0.1.0, released on May 14, 2024, and users are strongly advised to update their installations immediately to mitigate these risks.
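As an added example (not code from LangChain or from the original report), the Python script below audits a requirements file for `langgraph` pins that sit below, or could resolve below, the fixed release 0.1.0 named above. The sample input is constructed, the status names are this example's own, and the version parsing is a simplified subset of PEP 440.

```python
import re

PACKAGE = "langgraph"
FIXED = (0, 1, 0)  # fixed release named in the article above

# Constructed sample requirements, not taken from any real project.
SAMPLE = """\
langchain==0.2.1
langgraph==0.0.48   # exact pin below the fix
LangGraph>=0.1.0
langgraph~=0.0.30
langgraph
langgraph[cli]==0.1.0rc1 ; python_version >= "3.9"
"""

def below_fixed(text):
    """True if a simple PEP 440 style version sorts before FIXED."""
    m = re.match(r"v?(\d+(?:\.\d+)*)(.*)", text.strip())
    if not m:
        return True  # unparseable: flag for manual review
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (len(FIXED) - len(nums))
    pre = re.match(r"[-_.]?(a|b|c|rc|alpha|beta|dev|pre)", m.group(2), re.I)
    # A pre-release of the fixed version (0.1.0rc1) sorts before 0.1.0.
    return nums < FIXED or (nums == FIXED and bool(pre))

def classify(line):
    """None for other packages, else VULNERABLE, ALLOWS_VULNERABLE or OK."""
    req = line.split("#")[0].split(";")[0].strip()
    m = re.match(r"([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*(.*)", req)
    if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != PACKAGE:
        return None
    specs = re.findall(r"(===|==|~=|>=|<=|!=|>|<)\s*([^,\s]+)", m.group(2))
    floors = [(op, v) for op, v in specs if op in ("==", "===", "~=", ">=", ">")]
    if any(not below_fixed(v) for _, v in floors):
        return "OK"  # some lower bound already excludes pre-fix releases
    if any(op in ("==", "===") for op, _ in floors):
        return "VULNERABLE"  # pinned exactly to a pre-fix release
    return "ALLOWS_VULNERABLE"  # no floor, or a floor below the fix

def audit(text):
    """Map 1-based line numbers to a status for every langgraph requirement."""
    rows = enumerate(text.splitlines(), 1)
    return {n: s for n, line in rows if (s := classify(line))}

if __name__ == "__main__":
    for n, status in audit(SAMPLE).items():
        print(f"line {n}: {status}")
```

A requirements file only shows what may be installed; the version actually present in a deployed environment should be confirmed separately.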
Original source — read the full reporting at the publisher:
Read on The Hacker News