CVE-2025-64530 | apollographql federation up to 2.9.4/2.10.3/2.11.4/2.12.1 authentication bypass (GHSA-mx7m-j9xf-62hw)

A vulnerability was found in apollographql federation up to 2.9.4/2.10.3/2.11.4/2.12.1. It has been rated as critical. The affected element is an unknown function. This manipulation causes authentication bypass using alternate channel.

This vulnerability is tracked as CVE-2025-64530. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More