News

Application security news, updated daily (if there is any news to share).

Dgraph patches unauthenticated restoreTenant admin mutation takeover

CVE-2026-34976 is a critical missing-authorization flaw in `dgraph` where an unauthenticated `restoreTenant` admin mutation enables database overwrite, server file reads, and SSRF.

NewsDatabase SecurityGraphQL

2 minYesterday

Loading news…

Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly, send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.