https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 00:07:26 +0000 https://vulnerability.circl.lu/sighting/f63f10a2-3622-4a13-8cef-c617709cc78c/export {"uuid": "f63f10a2-3622-4a13-8cef-c617709cc78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10782", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32030\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1.\n\ud83d\udccf Published: 2025-04-07T20:38:59.654Z\n\ud83d\udccf Modified: 2025-04-07T20:38:59.654Z\n\ud83d\udd17 References:\n1. https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh\n2. https://github.com/apollographql/federation/pull/3236\n3. https://github.com/apollographql/federation/releases/tag/%40apollo%2Fgateway%402.10.1", "creation_timestamp": "2025-04-07T20:46:11.000000Z"} {"uuid": "f63f10a2-3622-4a13-8cef-c617709cc78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10782", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32030\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1.\n\ud83d\udccf Published: 2025-04-07T20:38:59.654Z\n\ud83d\udccf Modified: 2025-04-07T20:38:59.654Z\n\ud83d\udd17 References:\n1. https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh\n2. https://github.com/apollographql/federation/pull/3236\n3. https://github.com/apollographql/federation/releases/tag/%40apollo%2Fgateway%402.10.1", "creation_timestamp": "2025-04-07T20:46:11.000000Z"} https://vulnerability.circl.lu/sighting/f63f10a2-3622-4a13-8cef-c617709cc78c/export Mon, 07 Apr 2025 20:46:11 +0000 https://vulnerability.circl.lu/sighting/e72d1e4f-fb7e-4d83-87ca-856b86e6c816/export {"uuid": "e72d1e4f-fb7e-4d83-87ca-856b86e6c816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"} {"uuid": "e72d1e4f-fb7e-4d83-87ca-856b86e6c816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"} https://vulnerability.circl.lu/sighting/e72d1e4f-fb7e-4d83-87ca-856b86e6c816/export Mon, 07 Apr 2025 23:31:54 +0000 https://vulnerability.circl.lu/sighting/fcfc887e-8bec-46f8-871c-bcd2b4994237/export {"uuid": "fcfc887e-8bec-46f8-871c-bcd2b4994237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "Telegram/5eBuvckgjMmUrrDTZuzRXBnI9rJEpd7_1eddmnGajLrVyIo", "content": "", "creation_timestamp": "2025-04-07T23:31:55.000000Z"} {"uuid": "fcfc887e-8bec-46f8-871c-bcd2b4994237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "Telegram/5eBuvckgjMmUrrDTZuzRXBnI9rJEpd7_1eddmnGajLrVyIo", "content": "", "creation_timestamp": "2025-04-07T23:31:55.000000Z"} https://vulnerability.circl.lu/sighting/fcfc887e-8bec-46f8-871c-bcd2b4994237/export Mon, 07 Apr 2025 23:31:55 +0000 https://vulnerability.circl.lu/sighting/8bff3ac5-7c41-424e-a797-85798bb03cb7/export {"uuid": "8bff3ac5-7c41-424e-a797-85798bb03cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "https://t.me/cvedetector/22359", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32030 - Apollo Gateway Nested Fragment Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32030 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:30.000000Z"} {"uuid": "8bff3ac5-7c41-424e-a797-85798bb03cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "https://t.me/cvedetector/22359", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32030 - Apollo Gateway Nested Fragment Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32030 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:30.000000Z"} https://vulnerability.circl.lu/sighting/8bff3ac5-7c41-424e-a797-85798bb03cb7/export Tue, 08 Apr 2025 01:26:30 +0000