Security Intel Hub 15+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

High

MCP Server DNS Rebinding Vulnerability and Host Header Validation Fix

github.com · 2026-04-10

apollo-mcp-server

High

Apollo MCP Server Missing Host Header Validation Vulnerability

GHSA-apollo-mcp-server-host-header-validation · github.com · 2026-04-10

Apollo MCP Server < 1.7.0

High

Apollo Server DoS Vulnerability (CVE-2026-23897) Advisory

CVE-2026-23897 · github.com · 2026-02-05

@apollo/server>=4.2.0, <4.13.0 · @apollo/server>=5.0.0, <5.4.0 …

High

Apollo Federation CVE-2025-64530 Access Control Bypass via Interface Types

CVE-2025-64530 · github.com · 2025-11-14

@apollo/composition <2.9.5 · @apollo/composition <2.10.4 …

High

Apollo Federation Rust: Fix Auth Directive Rename Bypass

github.com · 2025-11-10

apollographql/router

High

GraphQL Router Authorization Plugin Bypass via Polymorphic Types and Directive Renames

github.com · 2025-11-09

apollographql/router

High

Apollo Router Access Control Bypass Vulnerability (CVE-2025-64173)

CVE-2025-64173 · github.com · 2025-11-09

apollo-router (Rust) < 1.61.12 · apollo-router (Rust) < 2.8.1 …

High

Apollo Router Improper Enforcement of Renamed Access Control Directives Vulnerability

github.com · 2025-11-09

@apollo/router (Rust) < 1.61.12, < 2.8.1 · apollographql/helm-charts/router (GitHub Packages Container Registry) < 1.61.12, < 2.8.1 …

CVSS 8.2

Apollo Embedded Sandbox/Explorer CSRF Vulnerability (CVE-2025-59845)

github.com · 2025-09-28

### Key Information #### Vulnerability Overview - **Vulnerability Type**: CSRF (Cross-Site Request Forgery) - **Affected Components**: Apollo Embedded Sandbox and Explorer - **CVE ID**: CVE-2025-59845…

CVSS 7.5

Apollo Router CVE-2025-32380 DoS via Named Fragment Processing

github.com · 2025-04-10

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing - **CVE ID**: CVE-20…

CVSS 7.5

Apollo Router CVE-2025-32034 Query Planner Excessive Resource Consumption

github.com · 2025-04-09

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion - **CVE ID**: CVE-2025-3…

CVSS 7.5

Apollo Router Operation Limits Bypass via Integer Overflow (CVE-2025-32033)

github.com · 2025-04-09

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow - **CVE ID**: CVE-2025-32033 - **CWE**: CWE-190 (Inte…

CVSS 7.5

Apollo Router CVE-2025-32032 DoS via Query Planner Optimization Bypass

github.com · 2025-04-09

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass - **CVE ID**: CVE-2025-32032 …

CVSS 7.5

Apollo Router DoS Vulnerability Advisory and Mitigation

github.com · 2024-08-29

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Impact Scope**: Certain configurations of Apollo Router may l…

CVSS 7.5

Apollo GraphQL CVE-2024-43783/43414 Vulnerability Advisory

github.com · 2024-08-29

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability IDs**: - **CVE-2024-43783**: Payload limits may exceed configured maximum - **CVE-2024-434…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 15+