Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Veracode
Veracodeadded 2026/05/15 7:24 p.m.7 views

Improper Neutralization Of Special Elements In Data Query Logic

Dgraph is vulnerable to Improper Neutralization of Special Elements in Data Query Logic. The vulnerability is due to improper sanitization of the user-controlled cond field in upsert mutations, which allows an attacker to inject arbitrary DQL query blocks and gain unauthorized read access to...

9.1CVSS5.9AI score0.00054EPSS
Exploits1References3Affected Software3
Snyk
Snykadded 2026/04/24 8:20 p.m.0 views

Improper Neutralization of Special Elements in Data Query Logic

Overview github.com/dgraph-io/dgraph/v25/edgraph is a Dgraph is a horizontally scalable and distributed GraphQL database with a graph backend. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the cond field in an upsert...

9.3CVSS5.8AI score0.00054EPSS
Exploits1References2
CNNVD
CNNVDadded 2026/04/24 12:0 a.m.4 views

Dgraph 安全漏洞

Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.3 contained a security vulnerability. This vulnerability stemmed from the cond field in upsert mutations not being escaped or parameterized, allowing...

9.1CVSS5.8AI score0.00054EPSS
Exploits1References1
Rows per page
Query Builder