{"data":{"id":"e42bb29a-ce1f-4c2c-b055-3e2c87c581d5","title":"GHSA-98xf-r82g-9mhx: LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access","summary":"LangGraph's MongoDBSaver had a NoSQL injection vulnerability (a type of attack where special database commands are sneaked into queries) in the way it used configurable checkpoint identifiers in MongoDB queries. Because the code did not enforce that these identifier fields are plain strings before using them in database queries, a caller who could influence them could supply a MongoDB query operator instead of a string (for example an object such as {\"$gt\": \"\"} in place of an identifier), turning what should be an exact-match lookup into a filter that also matches other tenants' records. That allowed the caller to read checkpoint data (saved conversation states) belonging to other users or tenants.","solution":"Upgrade to @langchain/langgraph-checkpoint-mongodb@1.3.1 or later. Version 1.3.1 adds runtime validation for configurable checkpoint identifiers and rejects invalid values before they reach MongoDB query paths; the patch also includes regression tests covering object and operator payloads. As defense in depth (and as a mitigation until the upgrade is deployed), treat checkpoint identifiers as untrusted input at your API boundaries: accept only primitive strings, reject objects, arrays and any value containing keys that begin with \"$\", and never forward raw client-supplied objects into the graph's configurable settings.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-98xf-r82g-9mhx","publishedAt":"2026-06-12T15:05:32.000Z","cveId":"CVE-2026-48121","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":["@langchain/langgraph-checkpoint-mongodb@<= 1.3.0 (fixed: 1.3.1)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["LangChain","LangGraph","@langchain/langgraph-checkpoint-mongodb"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00027,"patchAvailable":true,"disclosureDate":"2026-06-12T15:05:32.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}