CVE-2026-41328
Published: 24 April 2026
Description
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack requires two HTTP POSTs to port 8080. The first sets up a schema predicate with @unique @index(exact) @lang via /alter (also unauthenticated in the default config). The second sends a crafted JSON mutation to /mutate?commitNow=true where a JSON key contains the predicate name followed by @ and a DQL injection payload in the language tag position. The injection exploits the addQueryIfUnique function in edgraph/server.go, which constructs DQL queries using fmt.Sprintf with an unsanitized predicateName that includes the raw pred.Lang value. The Lang field is extracted from JSON mutation keys by x.PredicateLang(), which splits on @, and is never validated by any function in the codebase. The attacker injects a closing parenthesis to escape the eq() function, adds an arbitrary named query block, and uses a # comment to neutralize trailing template syntax. The injected query executes server-side and its results are returned in the HTTP response. This vulnerability is fixed in 25.3.3.
Mitigating Controls (NIST 800-53 r5) (AI-generated)
- Enforces approved authorizations, preventing unauthenticated access to the /alter and /mutate endpoints required for the exploit.
- Validates inputs such as the unsanitized pred.Lang field extracted from JSON keys, directly blocking the DQL injection payload.
- Requires timely identification, reporting, and correction of flaws such as the addQueryIfUnique injection vulnerability fixed in version 25.3.3.
Security Summary (AI-generated)
CVE-2026-41328 affects Dgraph, an open source distributed GraphQL database, in versions prior to 25.3.3. The vulnerability enables an unauthenticated attacker to gain full read access to every piece of data in the database when using the default configuration without ACL enabled. It arises from a DQL injection flaw in the addQueryIfUnique function within edgraph/server.go, where the function constructs DQL queries using fmt.Sprintf with an unsanitized predicateName that incorporates the raw pred.Lang value. This Lang field is parsed from JSON mutation keys via x.PredicateLang(), which splits on @ without any validation.
An unauthenticated attacker with network access to port 8080 can exploit this via two HTTP POST requests. The first targets /alter to create a schema predicate with @unique @index(exact) @lang, also unauthenticated in the default config. The second sends a crafted JSON mutation to /mutate?commitNow=true, where a JSON key embeds the predicate name followed by @ and an injection payload in the language tag position. The payload escapes the eq() function with a closing parenthesis, injects an arbitrary named query block, and uses a # comment to neutralize trailing template syntax, executing the query server-side and returning results in the HTTP response. The CVSS score is 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), linked to CWE-943.
The vulnerability is fixed in Dgraph version 25.3.3. Additional details on the issue and mitigation are available in the security advisory at https://github.com/dgraph-io/dgraph/security/advisories/GHSA-x92x-px7w-4gx4.
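As an added illustration of the input-validation control described above, and not Dgraph's own code: this constructed Go snippet splits a mutation key on @ the way the advisory says x.PredicateLang() does, then allow-lists the language tag before it is ever interpolated into a DQL string. The names langTagRe, SplitPredicateLang, ValidateLang and SafeUniqueQuery are assumptions, and the query text is illustrative rather than Dgraph's exact template.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Constructed example, not Dgraph's code. A JSON mutation key "pred@lang" is
// split on the first '@' (as the advisory says x.PredicateLang() does) and the
// language tag is allow-listed before any of it reaches a DQL string.

// Assumed allow-list: a BCP-47 style tag (letters, digits, hyphens) or no tag.
// Parentheses, braces, '#', quotes and spaces can never match it.
var langTagRe = regexp.MustCompile(`^([A-Za-z0-9]+(-[A-Za-z0-9]+)*)?$`)

var ErrBadLang = errors.New("invalid language tag in predicate key")

// SplitPredicateLang separates "name@lang"; keys without '@' have no tag.
func SplitPredicateLang(key string) (pred, lang string) {
	if i := strings.Index(key, "@"); i >= 0 {
		return key[:i], key[i+1:]
	}
	return key, ""
}

// ValidateLang returns ErrBadLang for anything that is not a plain tag.
func ValidateLang(lang string) error {
	if !langTagRe.MatchString(lang) {
		return ErrBadLang
	}
	return nil
}

// SafeUniqueQuery builds the lookup a @unique check would run, refusing the
// key if its language tag fails validation. Query shape is illustrative only.
func SafeUniqueQuery(key, value string) (string, error) {
	_, lang := SplitPredicateLang(key)
	if err := ValidateLang(lang); err != nil {
		return "", err
	}
	return fmt.Sprintf("{ q(func: eq(%s, %q)) { uid } }", key, value), nil
}

func main() {
	_, err := SafeUniqueQuery("email@en) #", "x")
	fmt.Println(err) // invalid language tag in predicate key
}
```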
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
The vulnerability allows unauthenticated exploitation of a public-facing GraphQL database (T1190) via DQL injection, enabling arbitrary data queries and full read access from the database (T1213.006).