CVE-2026-41328 Overview
A critical DQL injection vulnerability has been discovered in Dgraph, an open source distributed GraphQL database. Prior to version 25.3.3, an unauthenticated attacker can gain full read access to every piece of data stored in the database. This vulnerability affects Dgraph deployments using the default configuration where Access Control Lists (ACL) are not enabled.
The attack exploits improper input validation in the language tag position of JSON mutation keys, allowing attackers to inject arbitrary DQL (Dgraph Query Language) queries that execute server-side and return results in the HTTP response.
Critical Impact
Unauthenticated attackers can extract all data from affected Dgraph databases through DQL injection, resulting in complete confidentiality and integrity compromise.
Affected Products
- Dgraph versions prior to 25.3.3
- Dgraph deployments with ACL disabled (default configuration)
- Dgraph Go module installations
Discovery Timeline
- 2026-04-24 - CVE CVE-2026-41328 published to NVD
- 2026-04-28 - Last updated in NVD database
Technical Details for CVE-2026-41328
Vulnerability Analysis
This vulnerability represents a DQL injection flaw (CWE-943) in Dgraph's mutation handling mechanism. The attack requires no authentication and can be executed remotely over the network with low complexity, making it particularly dangerous for internet-exposed Dgraph instances.
The exploitation process involves two sequential HTTP POST requests to port 8080. First, the attacker sets up a schema predicate with @unique @index(exact) @lang directives via the /alter endpoint, which is also unauthenticated in the default configuration. Second, a crafted JSON mutation is sent to /mutate?commitNow=true containing a specially constructed JSON key that includes the predicate name followed by an @ symbol and a DQL injection payload in the language tag position.
Root Cause
The root cause lies in the addQueryIfUnique function located in edgraph/server.go. This function constructs DQL queries using fmt.Sprintf with an unsanitized predicateName that includes the raw pred.Lang value. The Lang field is extracted from JSON mutation keys by the x.PredicateLang() function, which simply splits on the @ character and performs no validation.
Critically, no function in the codebase validates the Lang field before it is incorporated into the DQL query template. This allows attackers to inject a closing parenthesis to escape the eq() function, add an arbitrary named query block, and use a # comment character to neutralize any trailing template syntax. The injected query then executes server-side with full database access.
Attack Vector
The attack is network-based and requires no user interaction or authentication. An attacker sends a crafted JSON mutation where the key contains a malicious language tag. The injection payload escapes the intended query context and injects arbitrary DQL that can enumerate and extract all database contents.
The injected query results are returned directly in the HTTP response, providing immediate data exfiltration capabilities. Since the attack targets the default configuration where ACL is disabled, many Dgraph deployments may be vulnerable without administrators realizing the exposure.
Detection Methods for CVE-2026-41328
Indicators of Compromise
- Unusual HTTP POST requests to /alter endpoint creating schemas with @lang directives
- HTTP POST requests to /mutate?commitNow=true containing suspicious JSON keys with @ symbols followed by special characters like ), {, or #
- Large or unexpected data volumes in mutation response bodies
- Unexpected schema modifications in Dgraph audit logs
Detection Strategies
- Monitor HTTP traffic to Dgraph port 8080 for requests containing DQL injection patterns in JSON keys
- Implement web application firewall (WAF) rules to detect and block requests with injection payloads in mutation endpoints
- Review Dgraph access logs for unauthenticated requests to /alter and /mutate endpoints
- Deploy network intrusion detection signatures for Dgraph DQL injection patterns
Monitoring Recommendations
- Enable comprehensive logging for all Dgraph HTTP API endpoints
- Set up alerts for schema modifications via unauthenticated requests
- Monitor for bulk data extraction patterns in response sizes
- Implement baseline monitoring for normal Dgraph query patterns to detect anomalies
How to Mitigate CVE-2026-41328
Immediate Actions Required
- Upgrade Dgraph to version 25.3.3 or later immediately
- Enable ACL (Access Control Lists) on all Dgraph deployments to require authentication
- Restrict network access to Dgraph port 8080 using firewall rules
- Review logs for signs of exploitation before patching
Patch Information
This vulnerability is fixed in Dgraph version 25.3.3. The fix addresses the input validation issue by properly sanitizing the Lang field extracted from JSON mutation keys before incorporating it into DQL queries. Organizations should upgrade to 25.3.3 or later as soon as possible.
For detailed patch information, refer to the GitHub Security Advisory.
Workarounds
- Enable ACL authentication on Dgraph to prevent unauthenticated access to /alter and /mutate endpoints
- Place Dgraph behind a reverse proxy or API gateway that validates and sanitizes incoming requests
- Implement network segmentation to limit access to Dgraph instances from trusted sources only
- Monitor and alert on any requests containing special characters in JSON mutation keys
# Example: Restrict network access to Dgraph port 8080
iptables -A INPUT -p tcp --dport 8080 -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
