CVE-2026-44840 Dgraph Vulnerable to DQL Injection via checkUserPassword GraphQL Query
Dgraph is an open source distributed GraphQL database. Prior to version 25.3.4, the checkUserPassword GraphQL query in Dgraph is vulnerable to DQL Dgraph Query Language injection. User-supplied password values are interpolated directly into a DQL checkpwd query via fmt.Sprintf without any escapin...