CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 3 days ago•8 views

Strawberry GraphQL has a Circular Fragment Reference DOS

Summary The QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth function enters an infinite recursion, leading to a RecursionError and crashing the...

Exploits1References3Affected Software1

OSV•added 3 days ago•3 views

GHSA-QFWV-87QJ-98XQ Strawberry GraphQL has a Circular Fragment Reference DOS

ATTACKERKB•added 3 days ago•5 views

Exploits1References3

CVE-2026-47706

Exploits1References3Affected Software1

Cvelist•added 3 days ago•31 views

CVE-2026-47706 Strawberry GraphQL has a Circular Fragment Reference DOS

5.3CVSS0.00039EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-34269

CVE•added 3 days ago•8 views

CVE-2026-47706

The CVE affects Strawberry GraphQL versions 0.71.0–0.315.6, where the QueryDepthLimiter lacks cycle detection in fragment spreads, causing infinite recursion and an application-level DOS (RecursionError) during validation. The issue is fixed in 0.315.7. Remediation: upgrade to 0.315.7 or later. T...

Exploits1References2Affected Software1

Vulnrichment•added 3 days ago•6 views

CVE-2026-47706 Strawberry GraphQL has a Circular Fragment Reference DOS

Positive Technologies•added 3 days ago•8 views

PT-2026-46249

EUVD•added 2026/05/29 12:38 a.m.•12 views

Exploits1References3

EUVD-2026-33166

A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs certificate verification. This crafted chain, which contains circular...

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

Exploits0References4

Linux Distros Unpatched Vulnerability : CVE-2026-10028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that...

OSV•added 2026/05/28 11:16 p.m.•4 views

Exploits0References4

DEBIAN-CVE-2026-10028

NVD•added 2026/05/28 11:16 p.m.•10 views

Exploits0References1

CVE-2026-10028

4.3CVSS0.00092EPSS

OSV•added 2026/05/28 11:16 p.m.•6 views

UBUNTU-CVE-2026-10028

RedhatCVE•added 2026/05/28 10:33 p.m.•10 views

CVE-2026-10028

Vulnrichment•added 2026/05/28 10:33 p.m.•6 views

Exploits0References4

CVE-2026-10028 Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain

CVE•added 2026/05/28 10:33 p.m.•12 views

CVE-2026-10028

Affected software: glib-networking with the GnuTLS backend. Issue: a certificate verification path can loop indefinitely when presented with a specially crafted chain containing circular issuer relationships. Impact: unbounded traversal consumes CPU, causing denial of service of the affected proc...

Cvelist•added 2026/05/28 10:33 p.m.•29 views

CVE-2026-10028 Glib-networking: infinite loop in glib-networking gnutls backend allows remote denial of service via circular certificate chain

4.3CVSS0.00092EPSS