CVE-2026-54760

langroid · langroid

Langroid contains an SQL injection vulnerability where bypassable regex blocklists allow attackers to execute restricted PostgreSQL functions despite existing security mitigations.

Executive summary

A critical SQL injection vulnerability in the langroid framework allows attackers to bypass security filters and execute unauthorized server-side operations, including arbitrary file reads.

Vulnerability

The SQLChatAgent uses an ineffective regex blocklist to filter SQL commands; attackers can bypass these checks using PostgreSQL-specific syntax like inline comments or schema qualification to execute blocked functions.

Business impact

Exploitation of this vulnerability allows unauthorized access to server-side files and potentially other restricted database operations. Given the CVSS score of 9.3, this flaw presents a high risk of sensitive data exposure and potential full database compromise within environments using the Langroid framework.

Remediation

Immediate Action: Update the langroid package to version 0.65.1 or newer to implement robust SQL injection mitigation.

Proactive Monitoring: Monitor database query logs for unusual function calls or attempts to access system files such as pg_read_file originating from the application layer.

Compensating Controls: Implement strict database user permissions (Principle of Least Privilege) to prevent the application's database service account from accessing sensitive system files or executing administrative functions.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability highlights the risk of relying on blocklist-based security for complex SQL queries. Users of the Langroid framework must update to version 0.65.1 immediately to close the file-read primitive and enhance SQL injection defenses.