EUVD-2026-34917

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

CVE-2026-10802

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...

CVE-2025-3922

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service by overwhelming system resources under certain conditions due to insufficient...

CVE-2026-35401

Saleor is an e-commerce platform. From 2.0.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a malicious actor can include many GraphQL mutations or queries in a single API call using aliases or chaining multiple mutations, resulting in resource exhaustion. This vulnerability is fixed in...

EUVD-2026-34270

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL headers editor into the browser URL query string. If a user entered a sensitive header, such as Authorization: Bearer , the value...

CVE-2026-10802

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...

PT-2026-46188

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...

OpenCTI: Privilege escalation via graphQL API is abusable by organization admins, due to incorrect ACL on userEdit relationAdd

Summary An organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. Impact Full platform access, access to sensitive or proprietary information...

CVE-2026-44730 OpenCTI: Privilege escalation via graphQL API abusable by organization admins, due to incorrect ACL on userEdit relationAdd

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due to incorrect ACL o...

CVE-2026-44730

OpenCTI (open-source platform for threat intel) has a privilege-escalation vulnerability affecting the GraphQL API prior to version 6.9.7. An organization admin can elevate privileges by adding a user from a different organization with higher privileges to their own organization due to an incorre...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query. An attacker can access sensitive information, including model names, version descriptions, source URIs, tags, and other...

CVE-2026-2734

In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...

CVE-2026-2734

In mlflow/mlflow versions up to 3.9.0, the SearchModelVersions REST API endpoint and the mlflowSearchModelVersions GraphQL query lack proper per-model authorization checks when basic authentication is enabled. This allows any authenticated user to enumerate all model versions across all registere...

GHSA-9MHV-8H52-Q7Q2 Absinthe: Quadratic fragment-name uniqueness check

Summary An unauthenticated attacker can stall an Absinthe-backed GraphQL endpoint by submitting a query that contains many fragment definitions. The fragment-name uniqueness validation phase is ON² in the number of fragments, so a single modestly-sized request burns seconds of CPU per worker, and...

CVE-2026-44010

Craft CMS is a content management system CMS. From 4.0.0 to before 4.17.12 and 5.9.18, the GraphQL Address element resolver src/gql/resolvers/elements/Address.php performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege user group can read ever...

Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft CMS. Versions of Craft CMS from 4.0.0 to 4.17.12 and 5.9.18 contained security vulnerabilities. These vulnerabilities stemmed from the GraphQL address element parser’s failure to apply pattern-range filtering on top-level...

Absinthe 安全漏洞

Absinthe is an open-source GraphQL implementation framework based on Elixir. Versions of Absinthe from 1.2.0 to 1.10.2 contained security vulnerabilities. These vulnerabilities were due to a quadratic algorithm complexity issue in the uniqueness validation of fragment names, which could lead to...

Missing Authorization

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization via the Address GraphQL resolver, which does not enforce schema scope filtering on top-level queries. An attacker can access sensitive address information belonging to...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the OverlappingFieldsCanBeMerged validation rule. An attacker can exhaust server resources and cause service disruption by submitting specially crafted GraphQL queries containing numerous neste...

Exploit for CVE-2026-39816

Apache NiFi CVE-2026-39816 POC Proof-of-concept demonstration...