{"data":{"id":"2a574121-bb1a-4e69-a935-7fc1ffd6ba11","title":"GHSA-pmch-g965-grmr: Langroid: SQLChatAgent _validate_query blocklist misses pg_read_file family enabling arbitrary file read","summary":"Langroid's SQLChatAgent contains a security flaw where its `_validate_query` blocklist (a list of dangerous SQL patterns to reject) fails to block several PostgreSQL file-reading functions like `pg_read_file()` and `pg_ls_logdir()`. An attacker who can influence the SQL queries the AI generates (through direct input or by injecting instructions into data the AI reads) can exploit this to read arbitrary files from the database server, even when the agent is configured to only allow SELECT statements and forbid dangerous operations.","solution":"The source text does not explicitly describe a fix, patch, or version where this vulnerability was resolved. N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-pmch-g965-grmr","publishedAt":"2026-07-02T17:42:09.000Z","cveId":"CVE-2026-50180","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["langroid@<= 0.63.0 (fixed: 0.64.0)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langroid"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-07-02T17:42:09.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}