CVE-2026-48121: LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access
A NoSQL injection vulnerability existed in MongoDBSaver where checkpoint identifier fields from config.configurable were used in MongoDB queries without strict type enforcement. In vulnerable versions, attacker-controlled object payloads (for example MongoDB operators like $gt and $ne) could be interpreted as query operators instead of literal identifier values.
This could bypass intended thread scoping and return checkpoints from other tenants.
References
- github.com/advisories/GHSA-98xf-r82g-9mhx
- github.com/langchain-ai/langgraphjs/commit/284226c7ca164b3c81fe2d9e32b10f1fc6b99a3c
- github.com/langchain-ai/langgraphjs/issues/2351
- github.com/langchain-ai/langgraphjs/pull/2397
- github.com/langchain-ai/langgraphjs/security/advisories/GHSA-98xf-r82g-9mhx
- nvd.nist.gov/vuln/detail/CVE-2026-48121
Code Behaviors & Features
Detect and mitigate CVE-2026-48121 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →