CVE-2026-25879

Name of the Vulnerable Software and Affected Versions Langroid versions prior to 0.63.0

Description SQLChatAgent executes SQL produced by a Large Language Model (LLM), which can be influenced by prompt injection. When configured with a database role possessing privileges for code execution or filesystem access (such as PostgreSQL pg execute server program, MySQL FILE, or MSSQL xp cmdshell), an attacker can shape the agent's input—including indirectly via data returned to the LLM—to force the execution of dialect-specific primitives like COPY ... FROM PROGRAM. This can lead to remote code execution (RCE) on the database host.

Recommendations Update to version 0.63.0. Ensure the allow dangerous operations variable is set to False to maintain the SELECT-only statement allowlist and dangerous-pattern blocklist.