Lucene search
+L

54 matches found

github
github
added 2026/06/29 10:53 p.m.12 views

Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query

Summary The checkUserPassword GraphQL query in Dgraph is vulnerable to DQL Dgraph Query Language injection. User-supplied password values are interpolated directly into a DQL checkpwd query via fmt.Sprintf without any escaping or parameterization. An attacker can inject a password containing a...

9.1CVSS6.2AI score0.00484EPSS
Exploits1References4Affected Software1
spring
spring
added 2026/06/10 12:0 a.m.9 views

cve-2026-41699 - HIGH - Unsafe Deserialization in Spring GraphQL

cve-2026-41699 - HIGH - Unsafe Deserialization in Spring GraphQL...

9.8CVSS6.1AI score0.0043EPSS
Exploits0
euvd
euvd
added 2026/06/04 2:12 p.m.11 views

EUVD-2026-34271

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.172.0 through0.315.6, the MaxAliasesLimiter extension in Strawberry fails to account for the multiplicative/amplification effect of FragmentSpreadNode. While it correctly counts static aliases within the AST it does not...

5.3CVSS5.8AI score0.00417EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/04/17 12:0 a.m.9 views

graphql-go 安全漏洞

graphql-go is a GraphQL server developed by Webonyx, focusing on ease of use. Versions of graphql-go prior to 15.31.5 contained security vulnerabilities. These vulnerabilities stemmed from the OverlappingFieldsCanBeMerged validation rule, which performed On² comparisons for fields with the same...

7.5CVSS5.8AI score0.00485EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2026/04/06 6:0 p.m.7 views

agent-evaluator (=0.7.8), apppy-app (>=0.1.0 <=0.24.1) +61 more potentially affected by CVE-2026-35526 via strawberry-graphql (>=0.202.1 <=0.312.0)

strawberry-graphql PYPI version =0.202.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.0.33, =0.9.0, =25.13.0, =0.41.0, =1.2.0, =0.1.0a1, =1.1.20, =2.1.1 - dictatorgenai =0.1.0 and more Source cves: CVE-2026-35526 Source advisory: OSV:GHSA-HV3W-M4G2-5X77...

7.5CVSS5.7AI score0.00274EPSS
Exploits0
cnnvd
cnnvd
added 2026/04/06 12:0 a.m.10 views

Directus 安全漏洞

Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.17.0 contained a security vulnerability. This vulnerability stemmed from GraphQL endpoints not repeatedly calling the data deletion...

6.5CVSS5.8AI score0.00361EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2026/03/12 6:32 p.m.11 views

@tinacms/app (>=0.0.0-0b7103c-20251216023146 <=2.3.25), @tinacms/cli (>=0.0.0-0b7103c-20251216023146 <=2.1.6) +4 more potentially affected by CVE-2026-28791 via @tinacms/graphql (>=2.0.0 <=2.1.2)

@tinacms/graphql NPM version =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =3.5.0 Source cves: CVE-2026-28791 Source advisory: SNYK:JS-TINACMSGRAPHQL-15518326...

7.4CVSS5.8AI score0.00325EPSS
Exploits1
cnnvd
cnnvd
added 2025/12/11 12:0 a.m.6 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition EE versions prior to 18.4.6, 18.5 through 18.5.4, and 18.6 through 18.6.2, which stems from the fact that execution of a specially crafted...

4.3CVSS6.1AI score0.00208EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/10/27 12:0 a.m.6 views

GitLab CE和EE 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab CE and EE versions 11.0 through 18.3.5 prior...

7.5CVSS8.9AI score0.00773EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-22677

Malware in sbrugna...

7.5CVSS7.6AI score0.02013EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2287

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00795EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-24855

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00724EPSS
Exploits2References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-15380

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00765EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50324

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00465EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-45216

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00521EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2495

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.0036EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-41779

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00516EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-9735

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00573EPSS
Exploits0References6
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-2482

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.01198EPSS
Exploits1References8
euvd
euvd
added 2025/10/03 8:7 p.m.18 views

EUVD-2021-9374

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0135EPSS
Exploits1References4
Rows per page
Query Builder