CVE-2026-54061
Dgraph Alpha before version 25.3.5 exposes the RPCs for external snapshot import on the public gRPC port :9080 without authentication or authorization, allowing an unauthenticated network client to open StreamExtSnapshot and stream Badger data to the target group’s store. The receiver invokes Pre...