Launch Week Day 1: Announcing Security Design Review
Start for Free
go

github.com/dgraph-io/dgraph

View on go registry
6 Total advisories
6 Vulnerabilities
0 Malware

Vulnerabilities

CRITICAL 9.1
Go

CVE-2026-41327

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field
CRITICAL 9.1
Go

CVE-2026-41328

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field
CRITICAL 9.8
Go

CVE-2026-41492

Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars
CRITICAL 9.4
Go

CVE-2026-40173

Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints
CRITICAL 10.0
Go

CVE-2026-34976

Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
MEDIUM 5.5
Go

CVE-2023-31135

Dgraph Audit Log Encryption Vulnerability

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes