Goal Reached Thanks to every supporter β€” we hit 100%!

Goal: 1000 CNY Β· Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-34976 β€” AI Deep Analysis Summary

CVSS 10.0 Β· Critical

Q1What is this vulnerability? (Essence + Consequences)

🚨 **Essence**: Dgraph < 25.3.1 has a critical auth bypass in `restoreTenant`. πŸ“‰ **Consequences**: DB overwrite, SSRF, & server file read. Total compromise!

Q2Root Cause? (CWE/Flaw)

πŸ›‘οΈ **Root Cause**: Missing authorization middleware on `restoreTenant` mutation. πŸ”“ **CWE**: CWE-862 (Missing Authorization).

Q3Who is affected? (Versions/Components)

πŸ“¦ **Affected**: Dgraph versions **before 25.3.1**. 🏒 **Vendor**: dgraph-io. πŸ“… **Pub**: 2026-04-06.

Q4What can hackers do? (Privileges/Data)

πŸ’€ **Attacker Actions**: Unauthenticated access! πŸ“‚ Read server files. 🌐 Execute SSRF. πŸ’Ύ Overwrite entire DB. 🚫 No login needed.

Q5Is exploitation threshold high? (Auth/Config)

⚑ **Threshold**: LOW. 🚫 **Auth**: None required (PR:N). 🎯 **Complexity**: Low (AC:L). πŸ–±οΈ **UI**: None needed (UI:N).

Q6Is there a public Exp? (PoC/Wild Exploitation)

πŸ” **Public Exp**: No PoCs listed in data. πŸ“° **Ref**: GHSA-p5rh-vmhp-gvcw. ⚠️ **Risk**: High CVSS (Critical).

Q7How to self-check? (Features/Scanning)

πŸ”Ž **Check**: Scan for Dgraph < 25.3.1. πŸ“‘ **Feature**: Look for exposed `restoreTenant` endpoint. πŸ› οΈ **Tool**: Version fingerprinting.

Q8Is it fixed officially? (Patch/Mitigation)

βœ… **Fixed**: Yes! Upgrade to **Dgraph 25.3.1** or later. πŸ“₯ **Action**: Patch immediately via official release.

Q9What if no patch? (Workaround)

🚧 **No Patch?**: Block external access to `restoreTenant`. πŸ”’ **Mitigate**: Enforce strict API gateway auth. πŸ›‘ **Isolate**: Network segmentation.

Q10Is it urgent? (Priority Suggestion)

πŸ”₯ **Urgency**: CRITICAL. 🚨 **Priority**: P1. πŸƒ **Action**: Patch NOW. CVSS is High/HIGH/HIGH. Zero-day risk!

Continue exploring

Vulnerability detail Full AI analysis (login) dgraph-io CWE-862