๐Ÿ” CVE Alert

CVE-2026-50180

UNKNOWN 0.0

Langroid: SQLChatAgent _validate_query blocklist misses pg_read_file family enabling arbitrary file read

CVSS Score
0.0
EPSS Score
0.7%
EPSS Percentile
48th

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, `SQLChatAgent` in `langroid` ships a `_validate_query` defense-in-depth layer whose `_DANGEROUS_SQL_PATTERNS` regex blocklist enumerates dangerous SQL primitives by specific function name. The list misses the canonical PostgreSQL filesystem-disclosure family `pg_read_file()`, `pg_stat_file()`, `pg_ls_logdir()`, `pg_ls_waldir()`, `pg_current_logfile()` (and similar `SELECT`-shaped functions in the same family). It also leaves SQL Server `OPENDATASOURCE` and SQLite `ATTACH '<file>' AS x` (DATABASE keyword omitted) unblocked. An attacker able to shape the LLM's generated SQL (directly via prompt input or transitively via prompt-injection in data the LLM ingests) can read arbitrary files from the PostgreSQL host through ordinary `SELECT` queries, even with the agent's strict default configuration (`allow_dangerous_operations=False`, `allowed_statement_types=['SELECT']`). The payloads survive the statement-type allowlist (each is a `SELECT`) and pass through the regex blocklist (none of the function names match), then reach the live SQLAlchemy engine via `SQLChatAgent.run_query`. Version 0.64.0 contains a patch for the issue.

CWE CWE-22 CWE-89
Vendor langroid
Product langroid
Published Jul 9, 2026
Last Updated Jul 10, 2026
Stay Ahead of the Next One

Get instant alerts for langroid langroid

Be the first to know when new unknown vulnerabilities affecting langroid langroid are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

langroid / langroid
< 0.64.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/langroid/langroid/security/advisories/GHSA-pmch-g965-grmr github.com: https://github.com/langroid/langroid/commit/00b7dd7b79c5d03c94be284cf3459d98195ebfba