CVE-2026-44840 | dgraph 23.0.0/25.3.1/25.3.2/25.3.3 GraphQL Query checkUserPassword injection

SecurityVulns

A vulnerability, which was classified as critical, has been found in dgraph 23.0.0/25.3.1/25.3.2/25.3.3. This affects the function checkUserPassword of the component GraphQL Query Handler. This manipulation causes injection.

This vulnerability is tracked as CVE-2026-44840. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More