| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-30241 | Mercurius: queryDepth limit bypassed for WebSocket subscriptions | mercurius-js | mercurius | 中危 | - | 2026-03-06 21:15:33 | Deep Dive |
| CVE-2025-64166 | Mercurius: Incorrect Content-Type parsing can lead to CSRF attack | mercurius-js | mercurius | Medium | 5.4 | 2026-03-05 15:31:46 | Deep Dive |
| CVE-2023-22477 | Mercurius is vulnerable to denial of service (DoS) when using subscriptions | mercurius-js | mercurius | Medium | 5.3 | 2023-01-09 14:12:25 | Deep Dive |
| CVE-2021-43801 | Uncaught Exception in mercurius | mercurius-js | mercurius | High | 7.5 | 2021-12-13 19:30:12 | Deep Dive |