CVE-2026-54760
langroid · langroid
Langroid contains an SQL injection vulnerability where bypassable regex blocklists allow attackers to execute restricted PostgreSQL functions despite existing security mitigations.
Executive summary
A critical SQL injection vulnerability in the langroid framework allows attackers to bypass security filters and execute unauthorized server-side operations, including arbitrary file reads.
Vulnerability
The SQLChatAgent uses an ineffective regex blocklist to filter SQL commands; attackers can bypass these checks using PostgreSQL-specific syntax like inline comments or schema qualification to execute blocked functions.
Business impact
Exploitation of this vulnerability allows unauthorized access to server-side files and potentially other restricted database operations. Given the CVSS score of 9.3, this flaw presents a high risk of sensitive data exposure and potential full database compromise within environments using the Langroid framework.
Remediation
Immediate Action: Update the langroid package to version 0.65.1 or newer to implement robust SQL injection mitigation.
Proactive Monitoring: Monitor database query logs for unusual function calls or attempts to access system files such as pg_read_file originating from the application layer.
Compensating Controls: Implement strict database user permissions (Principle of Least Privilege) to prevent the application's database service account from accessing sensitive system files or executing administrative functions.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability highlights the risk of relying on blocklist-based security for complex SQL queries. Users of the Langroid framework must update to version 0.65.1 immediately to close the file-read primitive and enhance SQL injection defenses.