CVE-2026-1175
Information Exposure via Error Message in Birkir Prime GraphQL Directive
Publication date: 2026-01-19
Last updated on: 2026-02-04
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| birkir | prime | to 0.4.0.beta.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-209 | The product generates an error message that includes sensitive information about its environment, users, or associated data. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1175 is an information disclosure vulnerability in birkir prime up to version 0.4.0.beta.0, specifically in the GraphQL Directive Handler at the /graphql endpoint. It allows attackers to extract sensitive information such as instruction names, parameters, and default values defined by the server through GraphQL introspection queries or error messages. This leakage reveals internal schema details, including authentication mechanisms, rate-limiting configurations, and sensitive field markings, which can be used to plan further targeted attacks. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by exposing sensitive internal information about your GraphQL server's schema and security configurations. Attackers can use this information to understand your system's authentication and rate-limiting mechanisms, enabling them to craft precise and targeted attacks. Since the vulnerability can be exploited remotely without authentication and has a publicly available proof-of-concept exploit, it increases the risk of unauthorized information disclosure and potential subsequent attacks. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted GraphQL introspection queries or error-triggering queries to the /graphql endpoint of the birkir prime server. For example, sending a POST request with a GraphQL query attempting to access the "__schema { directive }" field can reveal error messages that expose sensitive schema details. A sample command using curl would be: curl -X POST -H "Content-Type: application/json" --data '{"query":"{ __schema { directive } }"}' http://<target-server>/graphql. Observing error messages that leak directive or schema information indicates the presence of the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Currently, no official response or mitigation has been provided by the project. Immediate steps include restricting access to the /graphql endpoint to trusted users or networks, implementing network-level controls such as firewalls or API gateways to limit exposure, and monitoring for suspicious GraphQL introspection queries or error messages. Considering replacing the affected birkir prime version with an alternative or waiting for an official patch is also advised. [3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.