GitHub

glpi-9.3.3-sql-injection(1)_1.yaml

description: "Synacktiv discovered that GLPI exposes a script (/scripts/unlock_tasks.php) that not correctly sanitize usercontrolled data before using it in SQL queries. Thus, an attacker could abuse ...
GitHub

beescms_v3-login-sql-injection.yaml

结构化查询语言(Structured Query Language)简称SQL,是一种数据库查询和程序设计语言,用于存取数据以及查询 ...
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ...
LinkedIn

SQL Injection Flaw Exposes Enterprise AI Systems to Server Takeover

46.5M monthly downloads. One vulnerability chain = full server takeover. The Problem: AI agent frameworks like LangGraph are scaling fast—46.5M monthly downloads powering enterprise automations, ...
LinkedIn

Jihan Kim’s Post

LangGraph. 46 million monthly downloads. Critical RCE disclosed yesterday. The vulnerability chain: SQL injection in the checkpoint layer → unsafe deserialization → full server takeover. What the ...