CVE-2026-40476 | webonyx graphql-php up to 15.31.4 OverlappingFieldsCanBeMerged algorithmic complexity (GHSA-68jq-c3rv-pcrr)

A vulnerability categorized as problematic has been discovered in webonyx graphql-php up to 15.31.4. The impacted element is the function OverlappingFieldsCanBeMerged. Executing a manipulation can lead to inefficient algorithmic complexity.

This vulnerability is handled as CVE-2026-40476. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More