github.com/dgraph-io/dgraph/v25

Go5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/dgraph-io/dgraph/v25page 1 of 1

CVE-2026-34976CRITICALCVSS 10.0EG 10.0✓ Fixed in 25.3.1
2026-04-06
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config (admin.go), making it completely unauthenticated. Unlike the similar restore mutat…
CVE-2026-40173CRITICALCVSS 9.4EG 9.4✓ Fixed in 25.3.2
2026-04-15
Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on the default mux and reachable without …
CVE-2026-41327CRITICALCVSS 9.1EG 9.1✓ Fixed in 25.3.3
2026-04-24
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default …
CVE-2026-41328CRITICALCVSS 9.1EG 9.1✓ Fixed in 25.3.3
2026-04-24
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default …
CVE-2026-41492CRITICALCVSS 9.8EG 9.8✓ Fixed in 25.3.3
2026-04-24
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "to…

Check whether github.com/dgraph-io/dgraph/v25 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/dgraph-io/dgraph/v25 CVEs against the assets you own.

Start Free Scan →