{"data":{"id":"5b95cfd3-c74b-41dc-9451-7cf667a51e5c","title":"GHSA-6xc5-4r68-67fc: Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls","summary":"Langroid's SQLChatAgent has a security flaw in its dangerous-function blocklist, which uses a regex pattern (a rule for matching text) to block dangerous PostgreSQL functions like pg_read_file. However, attackers can bypass this blocklist by writing the function name in quoted form, adding comments, or using schema-qualified names (like pg_catalog.\"pg_read_file\"), because PostgreSQL accepts all these variations but the regex only checks for the function name directly followed by an opening parenthesis. This means the earlier fix that tried to block file-reading functions doesn't actually work.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-6xc5-4r68-67fc","publishedAt":"2026-07-06T20:39:02.000Z","cveId":"CVE-2026-54760","cweIds":null,"cvssScore":null,"cvssSeverity":"critical","severity":"critical","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["langroid@<= 0.65.0 (fixed: 0.65.1)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langroid"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-07-06T20:39:02.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}