pkg:Go/github.com/dgraph-io/dgraph

6 total CVEsCRITICAL5MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2026-34976Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization
    from 0, <= 1.2.8
  • CRITICAL9.8CVE-2026-41492Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars
    from 0, <= 1.2.8
  • CRITICAL9.4CVE-2026-40173Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpoints
    from 0, <= 1.2.8
  • CRITICAL9.1CVE-2026-41328Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field
    from 0, <= 1.2.8
  • CRITICAL9.1CVE-2026-41327Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field
    from 0, <= 1.2.8
  • MEDIUM5.5CVE-2023-31135Dgraph Audit Log Encryption Vulnerability
    from 0, < 23.0.0