strawberry-graphql Summary

Latest vulnerabilities published by strawberry-graphql

JSON RSS CSV 🔔 Create Alert Trigger

4 June 2026

Strawberry GraphQL's Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias Amplification
CVE-2026-47707
Strawberry-graphqlStrawberry5.3MEDIUM
Strawberry GraphQL: Default GraphiQL may expose HTTP headers in URLs
CVE-2026-45739
Strawberry-graphqlStrawberry3.1LOW
Strawberry GraphQL has a Circular Fragment Reference DOS
CVE-2026-47706
Strawberry-graphqlStrawberry5.3MEDIUM

7 April 2026