229 matches found
EUVD-2026-45031
remorses/genql before version 6.3.4 allows an authenticated attacker with control of the GraphQL schema that is passed to genql to inject arbitrary JavaScript or TypeScript. The malicious code is injected into the generated schema.ts file and executes when the genql client is bundled and imported...
CVE-2026-35211
OpenCTI exposes a script filter operator in the GraphQL FilterOperator enum prior to version 7.260401.0. An authenticated user with the KNOWLEDGE capability can pass user-supplied Elasticsearch Painless script values directly into search queries without validation, enabling potentially expensive ...
CVE-2026-6352
GitLab EE contains an authorization flaw in GraphQL operations that could allow an authenticated user with auditor-level access to modify compliance violation records. Affected versions include all 18.2-era releases before 18.11.7, all 19.0-era releases before 19.0.4, and all 19.1-era releases be...
CVE-2026-44840
CVE-2026-44840 (Dgraph) : The vulnerability is in the GraphQL path for checkUserPassword, where user-supplied password values are interpolated into a DQL query via fmt.Sprintf without escaping or parameterization. This allows a specially crafted password (e.g., containing a ".") to break the DQL ...
GO-2026-5837 Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query in github.com/dgraph-io/dgraph
Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query in github.com/dgraph-io/dgraph...
CVE-2026-9165
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...
CVE-2026-9165
Summary : A flaw in Red Hat Advanced Cluster Security for Kubernetes (RHACS) Central allows unbounded GraphQL query depth on the authenticated GraphQL API, enabling a token-authenticated user to issue deeply nested queries that exhaust resources and cause a denial of service to the management pla...
CVE-2026-57954
Vulnerability summary (CVE-2026-57954) Elide 7.1.17 has a flaw in SortingImpl.getValidSortingRules where @ReadPermission is not enforced on client-supplied sort expressions. This allows attackers to sort collections by forbidden fields and infer hidden field values via row ordering analysis, leak...
CVE-2026-57954 Elide 7.1.17 - Permission Bypass in Sort Expression Validation
Elide through 7.1.17 fails to enforce @ReadPermission on client-supplied sort expressions in SortingImpl.getValidSortingRules, allowing attackers to sort collections by forbidden fields. Attackers can infer hidden field values through row ordering analysis, leaking relative field ordering across...
PT-2026-53672
Name of the Vulnerable Software and Affected Versions Elide versions prior to 7.1.18 Description Insufficient enforcement of @ReadPermission within the getValidSortingRules function of SortingImpl allows attackers to use forbidden fields in client-supplied sort expressions. By analyzing the...
CVE-2026-55455 Appsmith: SSRF in REST API / GraphQL datasource plugins via insufficient host denylist
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the outbound HTTP host filter applied by WebClientUtils used by the REST API and GraphQL datasource plugins validates hosts against an exact-match string denylist. The comprehensive address-class check...
PT-2026-50547
Today I received a public security credit for a vulnerability I responsibly disclosed: CVE-2026-54683 – Improper authorization in NL Portal The vulnerability allowed any authenticated portal user to download documents belonging to other users when they had access to a valid document identifier. A...
BIT-PARSE-2026-47248 Parse Server: GraphQL "Did you mean" validation suggestions disclose schema to unauthenticated callers
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL validation-err...
CVE-2026-47248
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1-alpha.2, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL...
EUVD-2026-36534
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.78 and 9.9.1-alpha.2, Parse Server's GraphQL endpoint discloses schema metadata to unauthenticated callers through Did you mean ...? suggestions embedded in GraphQL...
Exploit for Authorization Bypass Through User-Controlled Key in Saleor
CVE-2026-24136 - Saleor GraphQL IDOR / Unauthenticated PII Exf...
EUVD-2026-34917
A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...
CVE-2026-11424 Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure
A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...
CVE-2026-10802
A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...
CVE-2025-3922
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...