A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol used for all checkpointing operations. This vulnerability (CVE-2025-64439) allows attackers to execute arbitrary Python code during the deserialization of malicious payloads. Attribute Details CVE […] The post LangGraph Deserialization Flaw Enables Execution of Malicious Python Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/langgraph-deserialization-flaw/
