A vulnerability was found in Langroid up to 0.63.x. It has been declared as critical. Affected is the function pg_read_file/pg_stat_file/pg_ls_logdir/pg_ls_waldir/pg_current_logfile of the component SQLChatAgent. The manipulation results in sql injection.

This vulnerability is identified as CVE-2026-50180. The attack can be executed remotely. There is not any exploit available.