Dependency Conflict: Unable to Upgrade to `langgraph-checkpoint >= 3.0.0` Due to Version Pin (`>=2.0.9, <3.0.0`)

[dmoliveira]

Hi team,

Our security scanner detected a high-severity RCE vulnerability in langgraph-checkpoint versions < 3.0.0. The fix is available in 3.0.0+, but this package currently pins:

langgraph-checkpoint >= 2.0.9, < 3.0.0

This prevents downstream users from upgrading to the patched version.

---

Security Impact

The vulnerability allows arbitrary code execution via unsafe deserialisation in JsonPlusSerializer when the serializer falls back to "json" mode.

Advisory reference:

• GitHub Security Advisory: https://github.com/langchain-ai/langgraph/security/advisories/GHSA-4qwq-2pp9-9hf5
• CVE: https://nvd.nist.gov/vuln/detail/CVE-2025-64439

Severity: High (CVSS 7.4)

It is fully resolved in:

langgraph-checkpoint == 3.0.0

---

Problem

Because the version constraint blocks installation of >=3.0.0, any project using langchain-google-alloydb-pg-python is forced to continue using a vulnerable version.

This triggers Dependabot/Snyk/GHAS alerts and blocks secure upgrades.

---

Requested Change

Please consider updating the dependency:

langgraph-checkpoint >= 3.0.0

---

Relevant References From Advisory

• Vulnerable component: JsonPlusSerializer
• Issue: Unsafe constructor deserialisation in "json" mode
• Affected versions: < 3.0.0
• Fixed version: 3.0.0
• Advisory: https://github.com/langchain-ai/langgraph/security/advisories/GHSA-4qwq-2pp9-9hf5

[spartandingo]

@dmoliveira PR

also would be a lot cleaner if we drop Python 3.9

[dishaprakash]

@dmoliveira thank you for opening this detailed bug. We will update the progress of this fix on this thread!

[dmoliveira]

Thanks @dishaprakash and @spartandingo for the support on this. Looking forward to updating our version once it’s ready.

[dishaprakash]

Closing this issue as the dependency has been upgraded in the PR #531 and should be available in the next release.

Thank you for your contribution!