{"data":{"id":"1a7b1d9c-c83f-4d70-8dfc-1dabfc66f364","title":"GHSA-w39p-vh2g-g8g5: LangGraph SDK has unsafe URL path construction","summary":"The langgraph-sdk (a Python library for making HTTP requests to LangGraph services) had a vulnerability where it directly inserted user-supplied identifier values into URLs without encoding them. This meant special characters in identifiers could change which resource was accessed, potentially allowing users to access, modify, or delete resources they shouldn't have permission to change, especially in systems that check permissions based on the URL path. The vulnerability only affects applications that pass unvalidated user input directly to SDK methods.","solution":"The SDK now applies path-segment encoding to identifier values before they are interpolated into request URL templates. After this change, identifier values that contain characters with special meaning in URL paths are transmitted as encoded byte sequences and routed to the resource the SDK method's call site indicates.\nAdditionally, the source recommends: validate identifier values (typically as UUIDs) at the boundary where untrusted input enters the application before passing them to SDK methods, and for deployments relying on URL-prefix-based authorization, prefer authorization at the LangGraph server layer or on parsed-and-validated request paths rather than on raw URL prefixes.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-w39p-vh2g-g8g5","publishedAt":"2026-06-25T18:32:35.000Z","cveId":"CVE-2026-48776","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":["langgraph-sdk@< 0.3.15 (fixed: 0.3.15)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["LangGraph","langgraph-sdk","LangSmith"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00181,"patchAvailable":true,"disclosureDate":"2026-06-25T18:32:35.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}