CVE-2026-35523 | strawberry-graphql strawberry up to 0.312.2 Start Message connection_init missing authentication

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability, which was classified as critical, was found in strawberry-graphql strawberry up to 0.312.2. This impacts the function connection_init of the component Start Message Handler. Such manipulation leads to missing authentication.

This vulnerability is documented as CVE-2026-35523. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-35523 | strawberry-graphql strawberry up to 0.312.2 Start Message connection_init missing authentication

Post correlati

CVE-2024-56947 | Xiamen Meitu Technology BeautyCam 12.3.60 on iOS Link information disclosure

CVE-2023-6761 | Thecosy IceCMS up to 2.0.1 User Data access control

CVE-2024-3520 | Country State City Dropdown CF7 Plugin up to 2.7.1 on WordPress authorization

CVE-2018-9390 | Google Android gl_proc.c procfile_write memory corruption