CVE Disclosure

CVE-2026-44840

Dgraph · Go

DQL injection via checkUserPassword GraphQL query

CVSS—

SeverityHigh

StatusPublished

Summary

CVE-2026-44840 is a high-severity vulnerability affecting Dgraph (Go): DQL injection via checkUserPassword GraphQL query.

References

NVD↗MITRE↗Vendor / Advisory↗PoC repo (if published)↗

Disclosure

Reported by Kai Aizen. Status: Published. Coordinated through standard NVD/MITRE/GHSA channels.

disclosure contextall 30 cves →

all disclosures

30 published CVEs

GHSA disclosures →

4 coordinated advisories

Pen Testing →

same methodology, your stack

Author

Kai Aizen

Independent offensive security researcher. 30 published CVEs, 5 Linux kernel mainline patches, creator of AATMF / P.R.O.M.P.T / SEF, author of Adversarial Minds.

about services github x linkedin researchgate