dgraph-io — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting dgraph-io. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by dgraph-io:dgraph

CVE ID	Title	CVSS	Severity	Published
CVE-2026-41492	Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph — dgraphCWE-200	9.8	Critical	2026-04-24
CVE-2026-41327	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field — dgraphCWE-943	9.1	Critical	2026-04-24
CVE-2026-41328	Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field — dgraphCWE-943	9.1	Critical	2026-04-24
CVE-2026-40173	Dgraph: Unauthenticated pprof endpoint leaks admin auth token — dgraphCWE-200	9.4	Critical	2026-04-15
CVE-2026-34976	Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization — dgraphCWE-862	10.0	Critical	2026-04-06
CVE-2023-31135	Dgraph Audit Log Encryption nonce reuse — dgraphCWE-326	3.3	Low	2023-05-17

This page lists every published CVE security advisory associated with dgraph-io. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

dgraph-io — Vulnerabilities & Security Advisories 6