pkg:Go/github.com/dgraph-io/dgraph/v24
5 total CVEsCRITICAL5
✅ Check your installed version
All known vulnerabilities
- CRITICAL10.0CVE-2026-34976Dgraph: Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorizationfrom 0, <= 24.0.5
- CRITICAL9.8CVE-2026-41492Dgraph: Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/varsfrom 0, <= 24.1.8
- CRITICAL9.4CVE-2026-40173Dgraph: Unauthenticated /debug/pprof/cmdline discloses admin auth token, enabling unauthorized access to protected Alpha admin endpointsfrom 0, <= 24.1.7
- CRITICAL9.1CVE-2026-41328Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Fieldfrom 0, <= 24.1.8
- CRITICAL9.1CVE-2026-41327Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Fieldfrom 0, <= 24.1.8