CVE-2026-1171
Unknown Unknown - Not Provided
Denial of Service in Birkir Prime GraphQL Field Handler

Publication date: 2026-01-19

Last updated on: 2026-02-23

Assigner: VulDB

Description
A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-19
Last Modified
2026-02-23
Generated
2026-06-16
AI Q&A
2026-01-19
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1171
EUVD
EUVD-2026-3198
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
birkir prime to 0.4.0.beta.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1171 is a vulnerability in birkir prime up to version 0.4.0.beta.0 involving the GraphQL Field Handler at the /graphql endpoint. The issue arises because the implementation executes the resolver function independently for each repeated field in a GraphQL query. Since GraphQL allows requesting the same field multiple times, this causes an amplification effect where redundant database queries or computations are performed repeatedly. An attacker can exploit this by sending a query with many repeated fields, causing excessive resource consumption and leading to a denial of service (DoS) condition on the server. [1, 3]

Impact Analysis

This vulnerability can impact you by allowing a remote attacker to cause a denial of service (DoS) on your server running birkir prime up to 0.4.0.beta.0. The attacker can send specially crafted GraphQL queries with duplicated fields that cause the server to perform excessive redundant processing, exhausting server resources. This can make the service unavailable to legitimate users. The attack requires no authentication and is easy to execute, with a public proof-of-concept exploit available. No patches or mitigations have been provided by the vendor, so the affected system remains vulnerable. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by monitoring GraphQL queries sent to the /graphql endpoint for repeated fields within a single query, especially the same field requested multiple times (e.g., __typename repeated hundreds of times). Detection can involve capturing and analyzing GraphQL requests to identify such duplication patterns that cause excessive resolver executions. Specific commands are not provided in the resources, but network traffic capture tools like tcpdump or Wireshark can be used to capture requests, and custom scripts or GraphQL query analyzers can be employed to detect repeated fields in queries. [1, 2, 3]

Mitigation Strategies

Immediate mitigation steps include considering replacing the affected birkir prime product since no patches or countermeasures have been provided by the vendor. Additionally, monitoring and filtering GraphQL queries to block or limit requests containing duplicated fields can help reduce the risk. Implementing rate limiting or Web Application Firewall (WAF) rules to detect and block suspicious GraphQL queries with repeated fields may also mitigate exploitation attempts. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1171. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart