PYSEC-2026-133
Vulnerability from pysec - Published: 2026-04-07 17:16 - Updated: 2026-05-20 09:19
VLAI
Details
Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connection_init handshake has been completed before processing start (subscription) messages. This allows a remote attacker to skip the on_ws_connect authentication hook entirely by connecting with the graphql-ws subprotocol and sending a start message directly, without ever sending connection_init. This vulnerability is fixed in 0.312.3.
Severity
7.5 (High)
Impacted products
| Name | purl | strawberry-graphql | pkg:pypi/strawberry-graphql |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "strawberry-graphql",
"purl": "pkg:pypi/strawberry-graphql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.312.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.1.0",
"0.10.0",
"0.100.0",
"0.101.0",
"0.102.0",
"0.102.1",
"0.102.2",
"0.102.3",
"0.103.0",
"0.103.0.dev1646681887",
"0.103.0.dev1646854314",
"0.103.0.dev1646854952",
"0.103.0.dev1647013700",
"0.103.0.dev1647019919",
"0.103.0.dev1647276413",
"0.103.1",
"0.103.2",
"0.103.3",
"0.103.3.dev1647556194",
"0.103.3.dev1647560143",
"0.103.4",
"0.103.5",
"0.103.6",
"0.103.7",
"0.103.8",
"0.103.9",
"0.104.0",
"0.104.1",
"0.104.2",
"0.104.3",
"0.104.4",
"0.105.0",
"0.105.1",
"0.106.0",
"0.106.1",
"0.106.2",
"0.106.3",
"0.107.0",
"0.107.1",
"0.108.0",
"0.108.1",
"0.108.2",
"0.108.3",
"0.109.0",
"0.109.1",
"0.11.0",
"0.110.0",
"0.111.0",
"0.111.0.dev1651525459",
"0.111.0.dev1651528582",
"0.111.1",
"0.111.2",
"0.112.0",
"0.113.0",
"0.114.0",
"0.114.0.dev1653002317",
"0.114.1",
"0.114.2",
"0.114.3",
"0.114.4",
"0.114.5",
"0.114.6",
"0.114.7",
"0.115.0",
"0.115.0.dev1655415925",
"0.115.0.dev1655918067",
"0.115.0.dev1656535533",
"0.115.0.dev1656539795",
"0.116.0",
"0.116.1",
"0.116.2",
"0.116.2.dev1656871393",
"0.116.2.dev1656872058",
"0.116.3",
"0.116.4",
"0.116.5.dev1657033844",
"0.117.0",
"0.117.1",
"0.118.0",
"0.118.0.dev1657317770",
"0.118.1",
"0.118.1.dev1657789151",
"0.118.2",
"0.118.2.dev1657794397",
"0.119.0",
"0.119.0.dev1657804594",
"0.119.1",
"0.119.2",
"0.12.0",
"0.120.0",
"0.120.0.dev1658155979",
"0.120.0.dev1658523480",
"0.121.0",
"0.121.1",
"0.121.1.dev1658834895",
"0.122.0",
"0.122.1",
"0.123.0",
"0.123.1",
"0.123.2",
"0.123.3",
"0.124.0",
"0.124.0.dev1659352285",
"0.124.0.dev1659364977",
"0.124.0.dev1659369142",
"0.124.0.dev1659369671",
"0.124.0.dev1659525319",
"0.124.0.dev1659561253",
"0.124.0.dev1659609516",
"0.124.0.dev1659610656",
"0.124.0.dev1659628473",
"0.124.0.dev1659635965",
"0.124.0.dev1659642945",
"0.124.0.dev1659690947",
"0.125.0",
"0.125.0.dev1660322955",
"0.125.1",
"0.125.1.dev1660660183",
"0.126.0",
"0.126.1",
"0.126.2",
"0.127.0",
"0.127.0.dev1661177678",
"0.127.0.dev1661202938",
"0.127.0.dev1661205026",
"0.127.0.dev1661205525",
"0.127.0.dev1661797666",
"0.127.1",
"0.127.2",
"0.127.2.dev1661863585",
"0.127.3",
"0.127.3.dev1661875109",
"0.127.4",
"0.128.0",
"0.128.0.dev1662230411",
"0.128.0.dev1662327339",
"0.128.0.dev1662377719",
"0.128.0.dev1662378822",
"0.128.0.dev1662389441",
"0.128.0.dev1662392213",
"0.128.0.dev1662392858",
"0.129.0",
"0.129.0.dev1662643738",
"0.13.0",
"0.13.1",
"0.13.2",
"0.13.3",
"0.13.4",
"0.130.0",
"0.130.1",
"0.130.2",
"0.130.3",
"0.130.4",
"0.131.0",
"0.131.1",
"0.131.1.dev1663258832",
"0.131.2",
"0.131.2.dev1663861889",
"0.131.3",
"0.131.4",
"0.131.5",
"0.132.0",
"0.132.0.dev1663408167",
"0.132.1",
"0.133.0",
"0.133.1",
"0.133.2",
"0.133.3",
"0.133.3.dev1664623208",
"0.133.3.dev1664709044",
"0.133.4",
"0.133.5",
"0.133.6",
"0.133.6.dev1665517139",
"0.133.7",
"0.134.0",
"0.134.0.dev1664917721",
"0.134.0.dev1665768624",
"0.134.1",
"0.134.2",
"0.134.3",
"0.134.4",
"0.134.5",
"0.135.0",
"0.136.0",
"0.137.0",
"0.137.1",
"0.138.0",
"0.138.1",
"0.138.2",
"0.138.2.dev1667430260",
"0.139.0",
"0.139.0.dev1667502964",
"0.14.0",
"0.14.1",
"0.14.2",
"0.14.3",
"0.14.4",
"0.140.0",
"0.140.1",
"0.140.1.dev1667918300",
"0.140.2",
"0.140.3",
"0.140.4.dev1668092284",
"0.141.0",
"0.141.0.dev1668092508",
"0.141.0.dev1668163238",
"0.142.0",
"0.142.1",
"0.142.2",
"0.142.3",
"0.143.0",
"0.144.0",
"0.144.0.dev1669937711",
"0.144.1",
"0.144.2",
"0.144.3",
"0.145.0",
"0.145.0.dev1670166107",
"0.145.0.dev1670170082",
"0.145.0.dev1670175214",
"0.146.0",
"0.147.0",
"0.148.0",
"0.149.0",
"0.149.1",
"0.149.2",
"0.15.0",
"0.15.1",
"0.15.2",
"0.15.3",
"0.15.4",
"0.15.5",
"0.15.6",
"0.150.0",
"0.150.1",
"0.151.0",
"0.151.1",
"0.151.2",
"0.151.3",
"0.152.0",
"0.153.0",
"0.154.0",
"0.154.1",
"0.155.0",
"0.155.1",
"0.155.2",
"0.155.3",
"0.155.4",
"0.156.0",
"0.156.0.dev1674920499",
"0.156.0.dev1675101075",
"0.156.0.dev1676725369",
"0.156.0.dev1676729888",
"0.156.0.dev1676734704",
"0.156.1",
"0.156.2",
"0.156.3",
"0.156.4",
"0.157.0",
"0.157.0.dev1675982393",
"0.157.0.dev1676143402",
"0.157.0.dev1676507628",
"0.157.0.dev1676508359",
"0.157.0.dev1676594678",
"0.158.0",
"0.158.1",
"0.158.2",
"0.159.0",
"0.159.0.dev1678404470",
"0.159.1",
"0.16.0",
"0.16.1",
"0.16.10",
"0.16.2",
"0.16.3",
"0.16.4",
"0.16.5",
"0.16.6",
"0.16.7",
"0.16.8",
"0.16.9",
"0.160.0",
"0.161.0",
"0.161.1",
"0.162.0",
"0.163.0",
"0.163.1",
"0.163.2",
"0.164.0",
"0.164.1",
"0.165.0",
"0.165.1",
"0.166.0",
"0.167.0",
"0.167.1",
"0.168.0",
"0.168.1",
"0.168.2",
"0.169.0",
"0.17.0",
"0.170.0",
"0.171.0",
"0.171.1",
"0.171.2",
"0.171.3",
"0.172.0",
"0.173.0",
"0.173.1",
"0.174.0",
"0.175.0",
"0.175.1",
"0.176.0",
"0.176.1",
"0.176.2",
"0.176.3",
"0.176.4",
"0.177.0",
"0.177.1",
"0.177.2",
"0.177.3",
"0.178.0",
"0.178.1",
"0.178.2",
"0.178.3",
"0.179.0",
"0.18.0",
"0.18.1",
"0.18.2",
"0.18.3",
"0.180.0",
"0.180.1",
"0.180.2",
"0.180.3",
"0.180.4",
"0.180.5",
"0.181.0",
"0.182.0",
"0.182.0.dev1686062831",
"0.183.0",
"0.183.1",
"0.183.1.dev1686081894",
"0.183.2",
"0.183.3",
"0.183.4",
"0.183.5",
"0.183.6",
"0.183.7",
"0.183.8",
"0.184.0",
"0.184.1",
"0.185.0",
"0.185.1",
"0.185.2",
"0.185.2.dev1686819062",
"0.186.0",
"0.186.1",
"0.186.2",
"0.186.3",
"0.187.0",
"0.187.1",
"0.187.2",
"0.187.3",
"0.187.4",
"0.187.5",
"0.188.0",
"0.189.0",
"0.189.1",
"0.189.1.dev1687473609",
"0.189.2",
"0.189.3",
"0.19.0",
"0.19.1",
"0.190.0",
"0.190.0.dev1687447182",
"0.192.0",
"0.192.1",
"0.192.2",
"0.193.0",
"0.193.1",
"0.194.0",
"0.194.1",
"0.194.2",
"0.194.3",
"0.194.4",
"0.195.0",
"0.195.1",
"0.195.2",
"0.195.3",
"0.196.0",
"0.196.0.dev1689676980",
"0.196.0.dev1689676990",
"0.196.0.dev1690222024",
"0.196.1",
"0.196.2",
"0.197.0",
"0.197.0.dev1690539957",
"0.198.0",
"0.199.0",
"0.199.1",
"0.199.2",
"0.199.3",
"0.2.0",
"0.2.1",
"0.2.2",
"0.20.0",
"0.20.1",
"0.20.2",
"0.20.3",
"0.200.0",
"0.201.0",
"0.201.1",
"0.202.0",
"0.202.1",
"0.203.0",
"0.203.1",
"0.203.1.dev1691831108",
"0.203.2",
"0.203.3",
"0.204.0",
"0.205.0",
"0.206.0",
"0.207.0",
"0.207.1",
"0.208.0",
"0.208.1",
"0.208.2",
"0.208.3",
"0.209.0",
"0.209.1",
"0.209.2",
"0.209.3",
"0.209.3.dev1696259772",
"0.209.4",
"0.209.5",
"0.209.6",
"0.209.7",
"0.209.8",
"0.209.8.dev1697789637",
"0.21.0",
"0.21.1",
"0.210.0",
"0.210.0.dev1697796691",
"0.211.0",
"0.211.1",
"0.211.2",
"0.212.0",
"0.212.0.dev1698770659",
"0.212.0.dev1698790124",
"0.212.0.dev1699050277",
"0.212.0.dev1699288765",
"0.212.0.dev1699291750",
"0.213.0",
"0.213.0.dev1699372734",
"0.213.0.dev1699435418",
"0.213.0.dev1699437859",
"0.214.0",
"0.214.0.dev1699441271",
"0.214.0.dev1701082152",
"0.214.0.dev1701368154",
"0.215.0",
"0.215.1",
"0.215.2",
"0.215.2.dev1701810830",
"0.215.3",
"0.216.0",
"0.216.1",
"0.217.0",
"0.217.1",
"0.218.0",
"0.218.0.dev1705418681",
"0.218.1",
"0.219.0",
"0.219.1",
"0.219.2",
"0.22.0",
"0.220.0",
"0.220.0.dev1709543239",
"0.221.0",
"0.221.0.dev1710955937",
"0.221.1",
"0.222.0",
"0.223.0",
"0.224.0",
"0.224.0.dev1711748192",
"0.224.1",
"0.224.2",
"0.225.0",
"0.225.1",
"0.226.0",
"0.226.1",
"0.226.2",
"0.227.0",
"0.227.0.dev1713463204",
"0.227.0.dev1713475585",
"0.227.1",
"0.227.2",
"0.227.3",
"0.227.4",
"0.227.5",
"0.227.6",
"0.227.7",
"0.228.0",
"0.228.0.dev1713643365",
"0.229.0",
"0.229.1",
"0.229.2",
"0.229.2.dev1715873118",
"0.229.2.dev1715881453",
"0.23.0",
"0.23.1",
"0.23.2",
"0.23.3",
"0.230.0",
"0.230.0.dev1716318708",
"0.231.0",
"0.231.1",
"0.232.0",
"0.232.1",
"0.232.2",
"0.233.0",
"0.233.1",
"0.233.2",
"0.233.3",
"0.234.0",
"0.234.1",
"0.234.2",
"0.234.3",
"0.235.0",
"0.235.1",
"0.235.1.dev1719337273",
"0.235.2",
"0.236.0",
"0.236.1",
"0.236.2",
"0.237.0",
"0.237.1",
"0.237.2",
"0.237.3",
"0.238.0",
"0.238.1",
"0.239.0",
"0.239.1",
"0.239.2",
"0.24.0",
"0.24.1",
"0.240.0",
"0.240.1",
"0.240.2",
"0.240.3",
"0.240.3.dev1726159932",
"0.240.4",
"0.241.0",
"0.242.0",
"0.243.0",
"0.243.1",
"0.244.0",
"0.244.1",
"0.245.0",
"0.246.0",
"0.246.1",
"0.246.2",
"0.246.3",
"0.247.0",
"0.247.1",
"0.247.2",
"0.248.0",
"0.248.1",
"0.249.0",
"0.25.0",
"0.25.1",
"0.25.2",
"0.25.3",
"0.25.4",
"0.25.5",
"0.25.6",
"0.250.0",
"0.250.1",
"0.251.0",
"0.252.0",
"0.253.0",
"0.253.1",
"0.254.0",
"0.254.1",
"0.255.0",
"0.256.0",
"0.256.1",
"0.257.0",
"0.257.0.dev1735244504",
"0.258.0",
"0.258.1",
"0.259.0",
"0.259.1",
"0.26.0",
"0.26.1",
"0.26.2",
"0.26.3",
"0.260.0",
"0.260.1",
"0.260.2",
"0.260.3",
"0.260.4",
"0.261.0",
"0.261.1",
"0.262.0",
"0.262.1",
"0.262.2",
"0.262.3",
"0.262.4",
"0.262.5",
"0.262.6",
"0.262.7.dev1743345593",
"0.263.0",
"0.263.0.dev1743450281",
"0.263.0.dev1743450503",
"0.263.0.dev1743450741",
"0.263.0.dev1743582446",
"0.263.1",
"0.263.2",
"0.264.0",
"0.264.1",
"0.265.0",
"0.265.1",
"0.266.0",
"0.266.0.dev1744797470",
"0.266.1",
"0.267.0",
"0.267.0.dev1746643548",
"0.268.0",
"0.268.1",
"0.268.2",
"0.268.2.dev1747436835",
"0.269.0",
"0.269.0.dev1746905409",
"0.269.0.dev1747164009",
"0.27.0",
"0.27.1",
"0.27.2",
"0.27.3",
"0.27.4",
"0.27.5",
"0.270.0",
"0.270.1",
"0.270.2",
"0.270.3",
"0.270.4",
"0.270.5",
"0.270.6",
"0.271.0",
"0.271.1",
"0.271.2",
"0.272.0",
"0.272.1",
"0.273.0",
"0.273.1",
"0.273.2",
"0.273.3",
"0.274.0",
"0.274.1",
"0.274.2",
"0.274.3",
"0.275.0",
"0.275.1",
"0.275.2",
"0.275.3",
"0.275.4",
"0.275.5",
"0.275.6",
"0.275.7",
"0.276.0",
"0.276.0.dev1750672223",
"0.276.0.dev1752831589",
"0.276.1",
"0.276.2",
"0.277.0",
"0.277.1",
"0.278.0",
"0.278.1",
"0.279.0",
"0.279.0.dev1754138688",
"0.279.0.dev1754156227",
"0.279.0.dev1754159379",
"0.28.0",
"0.28.1",
"0.28.2",
"0.28.3",
"0.28.4",
"0.28.5",
"0.280.0",
"0.281.0",
"0.282.0",
"0.283.0",
"0.283.1",
"0.283.2",
"0.283.3",
"0.284.0",
"0.284.1",
"0.284.2",
"0.284.3",
"0.284.4",
"0.285.0",
"0.285.0.dev1762469343",
"0.286.0",
"0.286.1",
"0.287.0",
"0.287.1",
"0.287.2",
"0.287.3",
"0.287.4",
"0.288.0",
"0.288.1",
"0.288.2",
"0.288.3",
"0.288.4",
"0.289.0",
"0.289.1",
"0.289.2",
"0.289.3",
"0.289.4",
"0.289.5",
"0.289.6",
"0.289.7",
"0.289.8",
"0.29.0",
"0.29.1",
"0.290.0",
"0.291.0",
"0.291.1",
"0.291.2",
"0.291.2.dev1770456508",
"0.291.2.dev1771437961",
"0.291.3",
"0.292.0",
"0.293.0",
"0.294.0",
"0.295.0",
"0.296.0",
"0.296.1",
"0.296.2",
"0.297.0",
"0.298.0",
"0.298.1",
"0.299.0",
"0.3.0",
"0.3.1",
"0.3.2",
"0.30.0",
"0.30.1",
"0.300.0",
"0.301.0",
"0.302.0",
"0.303.0",
"0.303.1",
"0.304.0",
"0.305.0",
"0.306.0",
"0.307.0",
"0.307.1",
"0.308.0",
"0.308.1",
"0.308.2",
"0.308.3",
"0.309.0",
"0.31.0",
"0.31.1",
"0.310.0",
"0.310.1",
"0.310.2",
"0.311.0",
"0.311.1",
"0.311.2",
"0.311.3",
"0.312.0",
"0.312.1",
"0.312.2",
"0.32.0",
"0.32.1",
"0.32.2",
"0.32.3",
"0.32.4",
"0.33.0",
"0.33.1",
"0.34.0",
"0.34.1",
"0.34.2",
"0.35.0",
"0.35.1",
"0.35.2",
"0.35.3",
"0.35.4",
"0.35.5",
"0.36.0",
"0.36.1",
"0.36.2",
"0.36.4",
"0.37.0",
"0.37.1",
"0.37.2",
"0.37.3",
"0.37.4",
"0.37.5",
"0.37.6",
"0.37.7",
"0.38.0",
"0.38.1",
"0.39.0",
"0.39.1",
"0.39.2",
"0.39.3",
"0.39.4",
"0.4.0",
"0.40.0",
"0.40.1",
"0.40.2",
"0.41.0",
"0.41.1",
"0.42.0",
"0.42.1",
"0.42.2",
"0.42.3",
"0.42.4",
"0.42.5",
"0.42.6",
"0.42.7",
"0.43.0",
"0.43.1",
"0.43.2",
"0.44.0",
"0.44.1",
"0.44.10",
"0.44.11",
"0.44.12",
"0.44.2",
"0.44.3",
"0.44.4",
"0.44.5",
"0.44.6",
"0.44.7",
"0.44.8",
"0.44.9",
"0.45.0",
"0.45.1",
"0.45.2",
"0.45.3",
"0.45.4",
"0.46.0",
"0.47.0",
"0.47.1",
"0.48.0",
"0.48.1",
"0.48.2",
"0.48.3",
"0.49.0",
"0.49.1",
"0.49.2",
"0.5.0",
"0.5.1",
"0.5.2",
"0.5.3",
"0.5.4",
"0.5.5",
"0.5.6",
"0.50.0",
"0.50.1",
"0.50.2",
"0.50.3",
"0.51.0",
"0.51.1",
"0.52.0",
"0.52.1",
"0.53.0",
"0.53.1",
"0.53.2",
"0.53.3",
"0.53.4",
"0.54.0",
"0.55.0",
"0.56.0",
"0.56.1",
"0.56.2",
"0.56.3",
"0.57.0",
"0.57.1",
"0.57.2",
"0.57.3",
"0.57.4",
"0.58.0",
"0.59.0",
"0.59.1",
"0.6.0",
"0.60.0",
"0.61.0",
"0.61.1",
"0.61.2",
"0.61.3",
"0.62.0",
"0.62.1",
"0.63.0",
"0.63.1",
"0.63.2",
"0.64.0",
"0.64.1",
"0.64.2",
"0.64.3",
"0.64.4",
"0.64.5",
"0.65.0",
"0.65.1",
"0.65.2",
"0.65.3",
"0.65.4",
"0.65.5",
"0.66.0",
"0.67.0",
"0.67.1",
"0.68.0",
"0.68.1",
"0.68.2",
"0.68.3",
"0.68.4",
"0.69.0",
"0.69.1",
"0.69.2",
"0.69.3",
"0.69.4",
"0.7.0",
"0.70.0",
"0.70.1",
"0.70.2",
"0.70.3",
"0.70.4",
"0.71.0",
"0.71.1",
"0.71.2",
"0.71.3",
"0.72.0",
"0.72.1",
"0.72.2",
"0.72.3",
"0.73.0",
"0.73.1",
"0.73.2",
"0.73.3",
"0.73.4",
"0.73.6",
"0.73.7",
"0.73.8",
"0.73.9",
"0.74.0",
"0.74.1",
"0.75.0",
"0.75.1",
"0.76.0",
"0.76.1",
"0.77.0",
"0.77.1",
"0.77.10",
"0.77.11",
"0.77.12",
"0.77.2",
"0.77.3",
"0.77.4",
"0.77.5",
"0.77.6",
"0.77.7",
"0.77.8",
"0.77.9",
"0.78.0",
"0.78.1",
"0.78.2",
"0.79.0",
"0.8.0",
"0.80.0",
"0.80.1",
"0.80.2",
"0.81.0",
"0.81.1.dev1663258661",
"0.82.0",
"0.82.1",
"0.82.2",
"0.83.0",
"0.83.1",
"0.83.2",
"0.83.3",
"0.83.4",
"0.83.5",
"0.83.6",
"0.84.0",
"0.84.1",
"0.84.2",
"0.84.3",
"0.84.4",
"0.85.0",
"0.85.1",
"0.86.0",
"0.86.0.dev1635095904",
"0.86.0.dev1635977468",
"0.86.0.dev1636456421",
"0.86.0.dev1636672167",
"0.86.0.dev1636672383",
"0.86.0.dev1636718966",
"0.86.1",
"0.87.0",
"0.87.1",
"0.87.2",
"0.87.3",
"0.88.0",
"0.89.0",
"0.89.1",
"0.89.2",
"0.9.0",
"0.9.1",
"0.90.0",
"0.90.1",
"0.90.2",
"0.90.3",
"0.91.0",
"0.92.0",
"0.92.1",
"0.92.2",
"0.93.0",
"0.93.1",
"0.93.10",
"0.93.11",
"0.93.12",
"0.93.13",
"0.93.14",
"0.93.15",
"0.93.16",
"0.93.17",
"0.93.18",
"0.93.19",
"0.93.2",
"0.93.20",
"0.93.21",
"0.93.22",
"0.93.23",
"0.93.3",
"0.93.4",
"0.93.5",
"0.93.5.dev1639595516",
"0.93.6",
"0.93.7",
"0.93.8",
"0.93.9",
"0.94.0",
"0.94.0.dev1642180413",
"0.94.0.dev1642201089",
"0.95.0",
"0.95.1",
"0.95.2",
"0.95.3",
"0.95.4",
"0.95.5",
"0.96.0",
"0.97.0",
"0.98.0",
"0.98.2",
"0.99.0",
"0.99.1",
"0.99.2",
"0.99.3"
]
}
],
"aliases": [
"CVE-2026-35523",
"GHSA-vpwc-v33q-mq89"
],
"details": "Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connection_init handshake has been completed before processing start (subscription) messages. This allows a remote attacker to skip the on_ws_connect authentication hook entirely by connecting with the graphql-ws subprotocol and sending a start message directly, without ever sending connection_init. This vulnerability is fixed in 0.312.3.",
"id": "PYSEC-2026-133",
"modified": "2026-05-20T09:19:17.609380Z",
"published": "2026-04-07T17:16:31.583Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/strawberry-graphql/strawberry/security/advisories/GHSA-vpwc-v33q-mq89"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…