Description
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack is a single HTTP POST to /mutate?commitNow=true containing a crafted cond field in an upsert mutation. The cond value is concatenated directly into a DQL query string via strings.Builder.WriteString after only a cosmetic strings.Replace transformation. No escaping, parameterization, or structural validation is applied. An attacker injects an additional DQL query block into the cond string, which the DQL parser accepts as a syntactically valid named query block. The injected query executes server-side and its results are returned in the HTTP response. This vulnerability is fixed in 25.3.3.
Published: 2026-04-24
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Full-Database Exfiltration
Action: Immediate Patch
AI Analysis

Impact

A vulnerability in Dgraph allows an unauthenticated attacker to exfiltrate all stored data by injecting DQL through the cond field of an upsert mutation. The cond value is concatenated into the generated DQL query without escaping or validation, so the DQL parser accepts the injected text as an additional named query block. That block executes server-side and its results are returned in the HTTP response, giving complete read access to the database. The issue is classified as CWE-943 (Improper Neutralization of Special Elements in Data Query Logic), and its consequence here is disclosure of sensitive information.
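The concatenation pattern the description refers to, as an added illustration in Go (not Dgraph's own code and not its 25.3.3 fix): buildUpsertQueryUnsafe reproduces the vulnerable build step (strings.Replace of @if to @filter, then strings.Builder.WriteString), and validateCond is an assumed structural check that rejects any cond which is not a single @if(...) before it reaches the builder. The __dgraph_0__ variable name and the uid(0) placeholder query are assumptions about the generated query shape.

```go
package main

import (
	"errors"
	"strings"
)

// buildUpsertQueryUnsafe mirrors the vulnerable pattern the advisory describes:
// cond is rewritten from @if to @filter with strings.Replace and appended to the
// user's query with strings.Builder.WriteString. Nothing checks that cond is a
// single condition, so extra DQL after the closing ")" becomes part of the query
// the server parses and executes. (Query shape below is an assumption.)
func buildUpsertQueryUnsafe(query, cond string) string {
	var b strings.Builder
	b.WriteString(strings.TrimSuffix(strings.TrimSpace(query), "}"))
	b.WriteString("\n  __dgraph_0__ as var(func: uid(0)) ")
	b.WriteString(strings.Replace(cond, "@if", "@filter", 1))
	b.WriteString("\n}")
	return b.String()
}

// validateCond is an illustrative structural check (an assumption, not the
// actual 25.3.3 fix): cond must be exactly one @if( ... ) with balanced
// parentheses, no braces outside string literals, and only whitespace after
// the matching ")". Call it before buildUpsertQueryUnsafe to close the gap.
func validateCond(cond string) error {
	c := strings.TrimSpace(cond)
	if !strings.HasPrefix(c, "@if(") {
		return errors.New("cond must start with @if(")
	}
	depth, inStr := 0, false
	for i := len("@if"); i < len(c); i++ {
		switch ch := c[i]; {
		case inStr && ch == '\\':
			i++ // skip the escaped character inside a string literal
		case ch == '"':
			inStr = !inStr
		case inStr: // string literal contents are opaque to the structure check
		case ch == '{' || ch == '}':
			return errors.New("braces are not allowed in cond")
		case ch == '(':
			depth++
		case ch == ')':
			if depth--; depth == 0 {
				if strings.TrimSpace(c[i+1:]) != "" {
					return errors.New("trailing content after @if(...)")
				}
				return nil // exactly one condition, nothing else
			}
		}
	}
	return errors.New("unbalanced parentheses in cond")
}
```

Rejecting anything after the single condition removes the spot where an extra query block could be appended; a server that still concatenates should also log and reject such requests rather than run them.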

Affected Systems

The affected product is Dgraph, the open‑source distributed GraphQL database from dgraph‑io. All deployments using the default configuration in which ACL is disabled are vulnerable. Versions prior to 25.3.3 contain the flaw; the issue is fixed in 25.3.3.

Risk and Exploitability

The CVSS rating of 9.1 places this vulnerability in the Critical range. The estimated exploit probability is low, with an EPSS score below 1%, and the vulnerability is not listed in CISA's KEV catalog. Nevertheless, the attack requires only a single HTTP POST to /mutate?commitNow=true with a crafted cond string and no authentication, so any exposed Dgraph instance running the default settings (ACL disabled) can be exploited. Once exploited, the attacker can read every data item in the database, resulting in total data exfiltration.

Generated by OpenCVE AI on April 28, 2026 at 05:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Dgraph 25.3.3 or later, which patches the injection flaw.
  • Enable ACL and require authentication to prevent anonymous access to the database.
  • If patching is delayed, restrict network access to the /mutate endpoint to limit exposure.

Advisories
Source: Github GHSA
ID: GHSA-mrxx-39g5-ph77
Title: Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field
History

Tue, 28 Apr 2026 18:45:00 +0000

Values Added
  CPEs: cpe:2.3:a:dgraph:dgraph:*:*:*:*:*:go:*:*

Tue, 28 Apr 2026 09:00:00 +0000

Values Added
  First Time appeared: Dgraph, Dgraph dgraph
  Vendors & Products: Dgraph, Dgraph dgraph

Sat, 25 Apr 2026 12:15:00 +0000

Values Added
  Metrics (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 24 Apr 2026 19:00:00 +0000

Values Added
  Description: (the CVE description shown in the Description section above)
  Title: Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field
  Weaknesses: CWE-943
  References:
  Metrics (cvssV3_1): {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-24T19:05:56.125Z

Reserved: 2026-04-20T14:01:46.672Z

Link: CVE-2026-41327

Vulnrichment

Updated: 2026-04-24T19:04:44.917Z

NVD

Status : Analyzed

Published: 2026-04-24T19:17:12.407

Modified: 2026-04-28T18:31:22.953

Link: CVE-2026-41327

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T08:45:26Z

Weaknesses