dgraph — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in dgraph, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-41492	Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph CWE-200	9.8	Critical	2026-04-24
CVE-2026-41327	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field CWE-943	9.1	Critical	2026-04-24
CVE-2026-41328	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field CWE-943	9.1	Critical	2026-04-24
CVE-2026-40173	Dgraph: Unauthenticated pprof endpoint leaks admin auth token CWE-200	9.4	Critical	2026-04-15
CVE-2026-34976	Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization CWE-862	10.0	Critical	2026-04-06
CVE-2023-31135	Dgraph Audit Log Encryption nonce reuse CWE-326	3.3	Low	2023-05-17

All 6 known CVE vulnerabilities affecting dgraph with full Chinese analysis, references, and POCs where available.