CVE-2025-64439
Python vulnerability analysis and mitigation

Overview

A remote code execution (RCE) vulnerability was discovered in LangGraph's JsonPlusSerializer component (CVE-2025-64439), affecting all versions of langgraph-checkpoint prior to version 3.0. The vulnerability exists in the default serialization protocol used for checkpointing and was disclosed on November 5, 2025. The flaw affects applications that allow untrusted data to be persisted into checkpoints and use the default serializer or explicitly instantiate JsonPlusSerializer (Miggo, Security Online).

Technical details

The vulnerability is triggered when the serializer falls back to 'json' mode because the default 'msgpack' serialization fails on illegal Unicode surrogate values. In json mode the deserializer accepts a constructor-style format (lc 2, type 'constructor') that reconstructs custom objects at load time, so a crafted checkpoint can cause arbitrary Python functions to be invoked during deserialization. The vulnerability has been assigned a CVSS score of 7.4 (High severity) (GitHub Advisory).
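The two conditions above (a lone surrogate that forces the json fallback, and a constructor directive in the json payload) are both visible in the raw checkpoint bytes before anything is instantiated. The following is an added example, not code from LangGraph or langgraph-checkpoint: it parses a checkpoint with plain json.loads, walks the decoded document, and reports any string that cannot be strictly UTF-8 encoded and any constructor directive whose target is not on an application-defined allow-list. The directive is recognised by the 'lc' key and type 'constructor' named in the advisory; the 'id' path list and 'kwargs' layout are assumptions modelled on LangChain's serialization format, the allow-list entries are hypothetical, and the sample payloads are constructed for illustration.

```python
"""Allow-list audit of a json-mode checkpoint payload (added example, not project code)."""
import json
from typing import Any, Iterator, Tuple

# Hypothetical allow-list: dotted import paths an application is willing to have
# reconstructed from a checkpoint. Anything else is reported and refused.
ALLOWED_CONSTRUCTORS = frozenset({
    "langchain_core.messages.HumanMessage",
    "langchain_core.messages.AIMessage",
})


def has_lone_surrogate(text: str) -> bool:
    """True if the string holds a lone surrogate, i.e. cannot be encoded as strict UTF-8.

    This is the kind of value that makes msgpack serialization fail and pushes the
    serializer into the json fallback described in the advisory.
    """
    try:
        text.encode("utf-8")
    except UnicodeEncodeError:
        return True
    return False


def walk(node: Any, path: str = "$") -> Iterator[Tuple[str, Any]]:
    """Yield (json_path, value) for every value in a decoded JSON document."""
    yield path, node
    if isinstance(node, dict):
        for key, value in node.items():
            yield from walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from walk(value, f"{path}[{index}]")


def audit_checkpoint(raw, allowed=ALLOWED_CONSTRUCTORS) -> list:
    """Return findings for a raw json checkpoint; nothing is ever instantiated.

    A finding is produced for every lone-surrogate string and for every
    constructor directive ('lc' key present, type == 'constructor') whose
    dotted id is not in the allow-list.
    """
    data = json.loads(raw)
    findings = []
    for path, node in walk(data):
        if isinstance(node, str) and has_lone_surrogate(node):
            findings.append(f"{path}: lone surrogate (would force the json fallback)")
        elif isinstance(node, dict) and "lc" in node and node.get("type") == "constructor":
            ident = node.get("id")  # assumed: list of path components, as in LangChain
            dotted = ".".join(map(str, ident)) if isinstance(ident, list) else str(ident)
            if dotted not in allowed:
                findings.append(f"{path}: constructor {dotted!r} not in allow-list")
    return findings


def safe_load(raw, allowed=ALLOWED_CONSTRUCTORS):
    """Decode a checkpoint as plain JSON only if the audit is clean."""
    findings = audit_checkpoint(raw, allowed)
    if findings:
        raise ValueError("checkpoint rejected: " + "; ".join(findings))
    return json.loads(raw)


# Constructed sample payloads (not real checkpoints).
BENIGN = json.dumps({
    "messages": [
        {"lc": 2, "type": "constructor",
         "id": ["langchain_core", "messages", "HumanMessage"],
         "kwargs": {"content": "hello"}},
    ]
})

# Constructed: an unknown constructor target plus a lone surrogate escape (\ud800).
SUSPECT = ('{"messages": [{"lc": 2, "type": "constructor", '
           '"id": ["untrusted_module", "Anything"], "kwargs": {"arg": "\\ud800"}}]}')


if __name__ == "__main__":
    print("benign :", audit_checkpoint(BENIGN) or "clean")
    for finding in audit_checkpoint(SUSPECT):
        print("suspect:", finding)
```

The audit runs on the stored bytes, so it can sit in front of any code that reads checkpoints from a store (a CI check over exported checkpoints, or a guard called before the real deserializer). Keeping the allow-list empty turns it into a detector for any constructor directive at all, which is the stricter posture for stores that are not supposed to contain custom objects.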

Impact

If successfully exploited, an attacker can execute arbitrary Python code on affected systems with the same privileges as the running process. This is particularly concerning given LangGraph's role in managing complex, long-running agent workflows and its reported 20 million monthly downloads. The vulnerability poses significant risks to applications using it for persistence, especially in production environments where LangGraph is integrated into agents or backend services (Security Online).

Mitigation and workarounds

Users are strongly advised to upgrade immediately to langgraph-checkpoint version 3.0.0, which patches the vulnerability by introducing an allow-list for constructor deserialization and removing the unsafe JSON fallback path. The update is fully compatible with langgraph>=0.3 and requires no import changes or code modifications. For users of langgraph-api, updating to version 0.5 or later will automatically include the patched version of the checkpointer library (GitHub Advisory).
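A quick way to confirm an environment is on the fixed releases is to compare installed versions against the thresholds the advisory gives (langgraph-checkpoint 3.0.0 and langgraph-api 0.5). The block below is an added example, not part of the advisory or of the LangGraph project; it reads versions from installed package metadata with the standard library, or from a caller-supplied dictionary so it can be run offline, and uses a simplified version comparison in which pre-releases sort before the final release (the packaging library is the proper tool when it is available). Version strings in the usage are constructed samples.

```python
"""Check installed versions against the advisory's fix thresholds (added example)."""
import re
from importlib import metadata

# Fixed-version thresholds as stated in the advisory text.
FIX_THRESHOLDS = {
    "langgraph-checkpoint": "3.0.0",
    "langgraph-api": "0.5",
}


def parse_version(text: str):
    """Turn a version string into a comparable key.

    '3.0.0rc1' becomes ((3, 0, 0), False) and '3.0.0' becomes ((3, 0, 0), True),
    so a pre-release sorts before the final release of the same number.
    Post-releases and local builds ('.post1', '+local') count as at least final.
    Simplified on purpose; use packaging.version for full PEP 440 semantics.
    """
    match = re.match(r"^\s*(\d+(?:\.\d+)*)(.*)$", text)
    if not match:
        raise ValueError(f"unparseable version: {text!r}")
    numbers = tuple(int(part) for part in match.group(1).split("."))
    numbers += (0,) * (3 - len(numbers))   # pad so '0.5' compares like '0.5.0'
    suffix = match.group(2).strip()
    is_final = suffix == "" or suffix.startswith((".post", "+"))
    return numbers, is_final


def is_fixed(package: str, installed: str) -> bool:
    """True if the installed version is at or above the fix threshold."""
    return parse_version(installed) >= parse_version(FIX_THRESHOLDS[package])


def audit_installed(versions=None):
    """Return {package: (installed_version_or_None, is_fixed)}.

    With versions=None the installed package metadata is consulted; otherwise
    the supplied {package: version} mapping is used (handy for offline checks
    against a requirements export or a lock file).
    """
    report = {}
    for package in FIX_THRESHOLDS:
        if versions is not None:
            installed = versions.get(package)
        else:
            try:
                installed = metadata.version(package)
            except metadata.PackageNotFoundError:
                installed = None
        report[package] = (installed, installed is not None and is_fixed(package, installed))
    return report


if __name__ == "__main__":
    for package, (installed, fixed) in audit_installed().items():
        state = "not installed" if installed is None else ("fixed" if fixed else "VULNERABLE")
        print(f"{package:<22} {installed or '-':<10} {state}")
```

A package that is not installed is reported as not fixed rather than silently passing, so a deployment that pulls langgraph-checkpoint in transitively still gets an explicit answer for it.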

Additional resources

Note: This report was generated using AI.

Related Python vulnerabilities:

CVE ID          Severity  Score  Technologies  Component name     CISA KEV exploit  Has fix  Published date
CVE-2025-65896  CRITICAL  9.8    Python        asyncmy            No                No       Dec 02, 2025
CVE-2025-66423  HIGH      7.1    Python        tryton-server      No                Yes      Nov 30, 2025
CVE-2025-66454  MEDIUM    6.5    Python        arcade-mcp-server  No                Yes      Dec 02, 2025
CVE-2025-66424  MEDIUM    6.5    Python        trytond            No                Yes      Nov 30, 2025
CVE-2025-65858  LOW       3.5    Python        calibreweb         No                No       Dec 02, 2025
