appsec.fyi

GraphQL Resources


A curated AppSec resource library covering XSS, SQLi, SSRF, IDOR, RCE, XXE, OSINT, and more.

GraphQL

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. It gives clients the power to ask for exactly what they need, makes it easier to evolve APIs over time, and enables powerful developer tools.

From a security perspective, GraphQL presents an attack surface that differs significantly from REST. Introspection queries can expose the entire schema, every type, field and relationship, handing attackers a detailed map of the application's data model. Deeply nested queries enable denial of service through resource exhaustion, and batching or aliasing many operations into a single HTTP request can bypass rate limits that were designed around one operation per request.

Common GraphQL security issues include broken authorization in field-level resolvers (every resolver that accepts an object identifier has to check that the caller may access that object), information disclosure through verbose error messages, and injection in custom directives, filters or resolvers that build SQL or NoSQL queries from arguments. Many applications disable introspection in production but leave it enabled in staging, or leak schema details through field suggestions ("Did you mean ...?") in error messages and through autocomplete.

Testing GraphQL requires specialized tools and techniques. Unlike REST APIs where endpoints are enumerable, GraphQL consolidates everything behind a single endpoint, requiring schema-aware fuzzing and query manipulation.
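The two abuses described above, packing many operations into one request and nesting selections deeply, are easy to reproduce and equally easy to stop before execution. The following is an added example written for this page, not code from appsec.fyi or from any of the resources listed below. It builds both abusive documents and runs them through a minimal token-level limiter that counts selection depth, aliases and root fields, the checks libraries such as graphql-depth-limit or GraphQL Armor perform on a parsed document. The field names (`login`, `friends`, `id`, `token`) and the limits are illustrative assumptions, not taken from any real API.

```python
# Added example: constructed GraphQL abuse documents plus a minimal
# depth/alias limiter. Field names and limits are assumptions.
import re
from dataclasses import dataclass

# --- constructed attacker documents -----------------------------------------

def build_alias_batch(username, passwords):
    """One mutation that tries `login` once per password, each under its own
    alias. A per-request rate limiter sees a single request while the login
    resolver runs len(passwords) times. Passwords are assumed free of '"' and '\\'."""
    fields = "\n".join(
        f'  attempt{i}: login(username: "{username}", password: "{pw}") {{ token }}'
        for i, pw in enumerate(passwords)
    )
    return f"mutation {{\n{fields}\n}}"

def build_nested(depth):
    """Selection nested `depth` levels deep (the root selection set counts as 1),
    e.g. depth 3 -> `query { friends { friends { id } } }`."""
    body = "id"
    for _ in range(depth - 1):
        body = f"friends {{ {body} }}"
    return f"query {{ {body} }}"

# --- minimal server-side limiter -------------------------------------------

# Tokenizer covering the GraphQL lexical grammar well enough for limit checks:
# ignored tokens (whitespace, commas, comments), strings, names, numbers and
# punctuators. No AST is built; the checks below only need token order.
_TOKEN = re.compile(r'''
    \s+ | , | \#[^\n]*                      # ignored tokens
  | """(?:\\"""|(?!""").)*"""              # block string
  | "(?:\\.|[^"\\\n])*"                    # string
  | [A-Za-z_]\w*                           # name
  | -?\d+(?:\.\d+)?(?:[eE][+-]?\d+)?        # number
  | \.\.\. | [{}()\[\]:!$@=|&]             # punctuators
''', re.VERBOSE | re.DOTALL)
_NAME = re.compile(r"[A-Za-z_]\w*")

def tokenize(doc):
    tokens, pos = [], 0
    while pos < len(doc):
        m = _TOKEN.match(doc, pos)
        if not m:
            raise ValueError(f"unexpected character {doc[pos]!r} at offset {pos}")
        pos = m.end()
        text = m.group(0)
        if text[0] not in " \t\r\n,#":      # drop ignored tokens
            tokens.append(text)
    return tokens

@dataclass
class QueryStats:
    depth: int         # deepest selection-set nesting, root selection set = 1
    aliases: int       # `alias: field` occurrences at any depth
    root_fields: int   # fields selected directly under the operation

def analyze(doc):
    tokens = tokenize(doc)
    stats = QueryStats(0, 0, 0)
    depth = parens = 0
    for i, tok in enumerate(tokens):
        if tok == "(":
            parens += 1
        elif tok == ")":
            parens -= 1
        elif parens:
            continue                        # inside argument lists: input-object
                                            # braces and `arg: value` colons are not selections
        elif tok == "{":
            depth += 1
            stats.depth = max(stats.depth, depth)
        elif tok == "}":
            depth -= 1
        elif depth and _NAME.fullmatch(tok):
            prev = tokens[i - 1]
            nxt = tokens[i + 1] if i + 1 < len(tokens) else None
            if nxt == ":":                  # `alias: field`
                stats.aliases += 1
            elif depth == 1 and prev not in ("@", "...", "on"):
                stats.root_fields += 1      # skips directives, spreads and `on Type`
    return stats

def check_limits(doc, max_depth=5, max_aliases=10, max_root_fields=20):
    """Return the limits a document exceeds; an empty list means accept it."""
    s = analyze(doc)
    problems = []
    if s.depth > max_depth:
        problems.append(f"depth {s.depth} > {max_depth}")
    if s.aliases > max_aliases:
        problems.append(f"aliases {s.aliases} > {max_aliases}")
    if s.root_fields > max_root_fields:
        problems.append(f"root fields {s.root_fields} > {max_root_fields}")
    return problems

if __name__ == "__main__":
    batch = build_alias_batch("alice", ["Summer2024!", "Password1", "letmein"])
    print(check_limits(batch, max_aliases=2))        # aliases 3 > 2
    print(check_limits(build_nested(12)))             # depth 12 > 5
    print(check_limits("query { me { id email } }"))  # accepted
```

The limiter deliberately ignores everything inside parentheses so that input-object literals in arguments are not mistaken for selection sets and argument colons are not counted as aliases. In production these checks belong in a validation rule on the parsed AST; the token walk here is only to make the counting visible.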

This page collects security research, testing methodologies, and real-world vulnerabilities specific to GraphQL APIs — from introspection abuse to authorization bypasses and injection attacks.

From graphql.org

Read the GraphQL guide: a long-form, source-cited deep dive synthesized from every resource below.
Date Added | Link | Excerpt
2026-06-30 | The Red Agent POV: Exploiting Broken Object-Level Authorization in an Airline GraphQL API (intermediate, 6 min read, AuthZ) | Writeup of the discovery and exploitation of Broken Object-Level Authorization (BOLA) in an airline's GraphQL booking API. A Red Agent autonomously found that predictable integer booking identifiers combined with missing backend authorization checks allowed mass extraction and modification of sensitive passenger data, including names, dates of birth, billing addresses, masked credit cards and live flight itineraries. The agent gained full read and write access to active travel plans within minutes, a logic flaw that traditional security tooling is poorly placed to catch. → wiz.io
2026-06-29 | The Red Agent POV: Exploiting Broken Object-Level Authorization in an Airline GraphQL API (intermediate, 6 min read) | Second listing of the same wiz.io writeup. The Red Agent autonomously discovered mass data extraction and write capabilities by manipulating sequential booking IDs that were never checked against the caller's identity on the backend. The bypass exposed passenger details, flight itineraries and payment information, underlining the need for strict object-level access checks in every API resolver. → wiz.io
2026-06-28 | Burger King accused of silencing security researcher with copyright claim (news) | Burger King is accused of using a copyright claim to silence a security researcher. The researcher reportedly found a vulnerability, and Burger King responded with a DMCA (Digital Millennium Copyright Act) takedown notice that removed the researcher's findings, which some see as an attempt to suppress disclosure rather than fix the flaw. The article does not detail the nature of the vulnerability.
2026-06-19 | CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED) (news, 5 min read) | Writeup of CVE-2021-4191, a GitLab GraphQL API vulnerability that let remote, unauthenticated attackers enumerate usernames, display names and email addresses. The information leak, classified as CWE-359, lets attackers build user lists for brute-force and phishing campaigns. The article notes that the flaw was introduced in GitLab 13.0, outlines exploitation via the `/api/graphql` endpoint and provides a Python script for user enumeration. Mitigation: patch GitLab and disable public profiles. → rapid7.com
2026-06-10 | How GraphQL Mutation Aliasing Led to a $12,500 DoS Bug in HackerOne's Account Recovery Flow (intermediate, Bug Bounty) | A researcher found a denial-of-service bug in HackerOne's account recovery process via GraphQL mutation aliasing: a single request could carry many aliased copies of the same mutation, each executed by the server, overwhelming the flow and preventing legitimate users from recovering their accounts. HackerOne acknowledged the issue and awarded $12,500. → infosecwriteups.com
2026-06-02 | GitLab Patches Multiple Duo AI DoS and Authorization Flaws in Community and Enterprise Edition (news) | GitLab released security updates for vulnerabilities in Duo AI along with denial-of-service and authorization flaws affecting both Community and Enterprise Editions. The flaws could allow attackers to disrupt service or gain unauthorized access; users are advised to update to the latest versions. → cybersecuritynews.com
2026-05-29 | GitLab Patches Multiple Duo AI DoS and Authorisation Vulnerabilities (news, 1 min read) | Patches for GitLab CE/EE address seven vulnerabilities, including Duo AI authorization flaws and a Wiki denial of service. CVE-2026-4868, rated critical, allows authenticated users to impersonate others via Duo AI workflows. Medium-severity issues affect GraphQL, Operations, Pipelines and authentication, potentially exposing private data or bypassing access controls. Self-managed installations should upgrade immediately to 19.0.1, 18.11.4 or 18.10.7. → gbhackers.com
2026-05-18 | TanStack npm Packages Hit by Mini Shai-Hulud (news, 12 min read) | Writeup of the "Mini Shai-Hulud" npm supply-chain attack that compromised TanStack packages. The incident, attributed to TeamPCP, chained GitHub Actions' `pull_request_target` trigger for cache poisoning with OIDC token extraction via memory dumping, producing malicious packages that carried valid SLSA provenance. An injected `router_init.js` payload executed through lifecycle hooks and reached numerous downstream projects, including Mistral AI and UiPath; the writeup also references CVE-2026-45321, rated critical. → snyk.io
2026-05-15 | DarkMoon AI-Powered Autonomous Penetration Testing Platform With 50 Tools (beginner, 2 min read) | DarkMoon is an AI-driven autonomous penetration testing platform that orchestrates over 50 offensive security tools through a multi-agent architecture. It discovers services, models the attack surface and dispatches specialized agents for CMS (WordPress, Drupal), web stacks (PHP, Node.js), Active Directory (NetExec, BloodHound), Kubernetes (kubectl, Kubescape) and GraphQL. Tools such as Naabu, Masscan, Nuclei, ffuf, sqlmap, WPScan and Hydra run in an isolated Docker environment behind a Model Context Protocol interface. → cybersecuritynews.com
2026-04-22 | CVE-2025-59845: CSRF Vulnerability in Apollo Studio Embeddable Explorer and Sandbox (news, 1 min read) | Writeup of CVE-2025-59845, a high-severity CSRF vulnerability in Apollo Studio Embeddable Explorer and Sandbox. Missing origin validation on `window.postMessage` events lets an attacker-controlled page make a victim's browser execute arbitrary GraphQL queries against the embedding server, with potential for data leakage or further compromise. Organizations running versions before Apollo Sandbox 2.7.2 and Apollo Explorer 3.7.3 should apply the vendor patches.
2026-04-22 | CVE-2025-31496: GraphQL Query Vulnerability in Apollo Compiler Leading to DoS (news, 1 min read) | Writeup of CVE-2025-31496, a denial-of-service vulnerability in the Apollo Compiler before version 1.27.0. The flaw lies in how named fragments are handled during query validation: deeply nested and reused fragments cause exponential resource consumption, so a crafted query can exhaust the validator and take the service down.
2026-04-22 | The 16-Hour Window: Catching a GraphQL Authorization Flaw (intermediate)
2026-04-22 | GraphQLer: Context-Aware GraphQL API Fuzzing Tool (intermediate, 7 min read) | Context-aware GraphQL API fuzzer. GraphQLer reads the API schema, generates valid queries and mutations from the schema and object dependencies, and tracks created resources for reconnaissance. It detects insecure direct object reference (IDOR) vulnerabilities through dual-profile chain replay, offers an interactive TUI and can proxy through Burp Suite or OWASP ZAP.
2026-04-22 | Exploiting GraphQL Query Depth (intermediate, 2 min read) | Article on exploiting GraphQL query depth, showing how nested object requests lead to denial of service against applications such as the Damn Vulnerable GraphQL Application. It measures the performance degradation caused by deep recursion and points to the OWASP GraphQL Cheat Sheet and Apollo blog posts for remediation: timeouts, a maximum depth, or query complexity thresholds. → checkmarx.com
2026-04-22 | Exploiting Broken Authentication Control in GraphQL (intermediate, 3 min read) | Writeup of a privilege escalation in a financial application's GraphQL API, where broken authentication and authorization controls let an attacker gain administrative privileges. The attack enumerated administrative usernames with Burp Suite Intruder and then substituted an authorized username into a `brassCheckAccess` query. Recommendations: check the requested username against the caller's session token, and add directive constraints and middleware for input validation.
2026-04-22 | Didn't Notice Your Rate Limiting: GraphQL Batching Attack (intermediate, 6 min read) | Writeup of the GraphQL batching attack, in which per-request rate limiting is bypassed by sending many operations inside a single HTTP request. The technique enables server-side object enumeration and brute force; the article demonstrates submitting numerous login mutations at once and cracking a password from a list of common ones while the rate limiter counts a single request. → checkmarx.com
2026-04-22 | Avoid GraphQL Denial-of-Service Attacks through Batching and Aliasing (intermediate, 3 min read) | Article from Escape on denial of service and credential brute forcing enabled by batching and aliases. Batch attacks bypass traditional rate limiting by executing numerous operations within a single API call, overwhelming servers and facilitating unauthorized access. The article points to the open-source GraphQL Armor plugin and a dedicated scanner that mitigate the issue through query validation and alias limits. → escape.tech
2026-04-22 | API Threat Research: GraphQL Authorization Flaws in a FinTech Platform (intermediate)
2026-04-22 | Apollo Router Query Planner Excessive Resource Consumption via Named Fragment Expansion (CVE-2025-32034) (news) | Advisory for CVE-2025-32034 in Apollo Router, which allowed excessive resource consumption via named fragment expansion during query planning: deeply nested fragments were expanded exponentially. The fix introduces a query fragment expansion limit that caps the computation; remediation is available in apollo-router 1.61.2 and 2.1.1, and safelisting operations is a workaround.
2026-04-19 | PayloadsAllTheThings: GraphQL Injection (intermediate, 9 min read) | Reference on GraphQL injection attacks covering introspection queries and tools such as `GraphQLmap`, `inql` and `CrackQL`. It shows how to enumerate schema details, find entry points to specific types with `graphql-path-enum`, and discover API endpoints such as `/graphql` and `/graphiql`, along with strategies for disabled introspection and brute-forcing field names with wordlists.
2026-04-19 | Approaching GraphQL End Points: Bug Bounty Notes (intermediate)
2026-04-19 | DoS via Mutation Aliasing in GraphQL: HackerOne Disclosure (intermediate, 2 min read) | Writeup of a denial-of-service vulnerability reported through HackerOne against a GraphQL API's account recovery phone number verification. Mutation aliasing let a single request execute the `verifyAccountRecoveryPhoneNumber` mutation many times, exhausting server-side resources and degrading service for legitimate users. Recommendations: hard caps on mutation aliases and per-request quotas for expensive operations.
2026-04-19 | GraphQL API Vulnerabilities Learning Path: PortSwigger (beginner) → portswigger.net
2026-04-19 | GraphQL Introspection Security: Lessons from the Parse Server Vulnerability (intermediate, 4 min read) | Reference on introspection security drawing lessons from CVE-2025-53364 in Parse Server, where public schema access aided targeted attacks. The central point is that disabling introspection is not a complete fix: schema details can still be recovered through field suggestions or traffic analysis, so introspection should be gated behind authentication and RBAC rather than exposed publicly. Disable it for private APIs that do not need it; otherwise focus on controlled access and automated testing with tools such as Escape. → escape.tech
2026-04-17 | Hasura GraphQL 1.3.3 Local File Read via SQL Injection (intermediate) | Advisory for a local file read vulnerability in Hasura GraphQL 1.3.3, exploitable through SQL injection. Crafted queries against the query endpoint reach PostgreSQL's `pg_read_file()`, letting attackers read arbitrary files from the server.
2026-04-17 | Discovering GraphQL endpoints and SQLi vulnerabilities (intermediate)
2026-04-17 | HackerOne Report #435066: SQL injection in GraphQL endpoint (news) → hackerone.com
2026-04-17 | Prisma and PostgreSQL vulnerable to NoSQL injection? (Aikido) (intermediate, 4 min read) | Analysis showing that Prisma ORM, even on PostgreSQL, is susceptible to operator injection, commonly known as NoSQL injection, when user input is passed unchecked to query functions that accept operator objects, such as `findFirst`, `findMany`, `updateMany` and `deleteMany`. It walks through exploits and recommends casting user input to primitive types, validating server-side with libraries such as Zod, and keeping ORMs such as Prisma and Sequelize updated. → aikido.dev
2026-04-17 | GraphQL Security: 9 Best Practices to Protect Your API (Escape) (beginner, 9 min read) | Guide to protecting GraphQL APIs from common vulnerabilities: disabling introspection, enforcing authentication and authorization at the resolver level, and mitigating denial of service with query whitelisting, depth limiting and complexity analysis. Examples include Apollo Server with `introspection: process.env.NODE_ENV !== 'production'`, an `authMiddleware`, and libraries such as `graphql-depth-limit`. → escape.tech
2026-04-17 | Authorization in GraphQL (Apollo) (intermediate, 9 min read) | Apollo reference on authorization in GraphQL: authentication versus authorization, obtaining user data from the request, schema-level authorization by throwing in the context function, and granular authorization inside resolvers by checking roles before returning data or calling data sources.
2026-04-17 | 9 Ways To Secure your GraphQL API: Apollo Checklist (beginner, 10 min read) | Checklist of nine security measures for GraphQL APIs: authentication and authorization with JWTs, limiting query depth with `graphql-depth-limit`, paginating list fields, input validation and sanitization, timeouts, rate limiting, query cost analysis, safelisting operations via automatic persisted queries, and disabling introspection in production to limit discoverability.
2026-04-17 | Enforcing GraphQL security best practices with GraphOS (beginner, 4 min read) | Documentation on enforcing GraphQL security with GraphOS: centralized authorization in the router, safelisting registered operations to reduce attack surface, and limiting operation complexity by depth, height, aliases and root fields. It uses the `@requiresScopes` and `@authenticated` directives for declarative access control and JWT authentication to add claims to the request context.
2026-04-17 | Apollo Authentication and Authorization Docs (beginner, 10 min read) | Apollo documentation on authentication and authorization: extracting the user token from HTTP headers, populating `contextValue` with user information, and enforcing API-wide or field-level access control by role. It covers denying access with `GraphQLError` and conditionally returning data in resolvers based on authentication status.
2026-04-17 | Securing GraphQL API endpoints using rate limits and depth limits (LogRocket) (intermediate, 9 min read) | Tutorial on rate and depth limiting for Node.js GraphQL APIs, storing rate-limit state in Redis and applying limits through schema directives. It identifies clients by IP address or another unique key, customizes the error returned when a limit is exceeded, and works with servers such as GraphQL Yoga and Apollo. → blog.logrocket.com
2026-04-17 | Cyclic Queries and Depth Limiting (Escape) (intermediate, 7 min read) | Article on mitigating denial of service against GraphQL APIs by limiting query depth and execution time. It shows how cyclic relationships between schema types let a malicious query recurse until performance degrades and resources are exhausted, then covers `graphql-depth-limit` for Apollo, Express GraphQL and GraphQL Node along with the equivalent settings in Hasura Cloud and Graphene for maximum depth and timeouts. → escape.tech
2026-04-17 | IDOR Vulnerability In GraphQL Api On inmobi.com (intermediate)
2026-04-17 | Exploiting GraphQL: Complete Guide for Bug Bounty Hunters (beginner)
2026-04-17 | Exploiting GraphQL for fun and bounties (BugBase) (beginner)
2026-04-17 | GraphQL for Bug Bounty (Mudhalai Mr) (beginner)
2026-04-17 | GraphQL IDOR leads to information disclosure (Eshan Singh) (intermediate)
2026-04-17 | Bug Bounty: BAC in GraphQL (10 Major Vulns - Cloverleaf) (intermediate)
2026-04-17 | Exploiting GraphQL for Penetration Testing (Raxis) (intermediate, 5 min read) | Writeup on exploiting GraphQL introspection during penetration tests, showing how a feature intended for development exposes schema details in production. It mentions SQL injection and batch attacks but focuses on introspection as the easiest vector, querying the schema with Burp Suite's GraphQL Raider plugin and curl to surface fields such as "allUsers". It also notes that descriptive error messages aid attackers and advises disabling introspection in production.
2026-04-17 | OWASP WSTG: Testing GraphQL (beginner, 12 min read) | OWASP Web Security Testing Guide (WSTG) v4.2 procedures for testing GraphQL APIs: introspection queries, authorization testing, and generic API attacks such as SQL injection, using tools such as GraphQL Voyager, GraphiQL and GraphQL Playground against the poc-graphql application to find misconfigurations and vulnerabilities. → owasp.org
2026-04-17 | Exploiting GraphQL Vulnerabilities: Misconfig to Data Leaks (intermediate) | Article on identifying and exploiting GraphQL misconfigurations that lead to unauthorized data access, sensitive information disclosure and mass enumeration of private data, built around a real-world bug bounty finding. It explains how attackers exploit these weaknesses and how to secure GraphQL APIs against them.
2026-04-16 | BatchQL: GraphQL Security Auditing for Batch Attacks (intermediate, 2 min read) | Tool for auditing GraphQL APIs through batch attacks: BatchQL sends many queries and mutations in a single request, detects introspection support, schema suggestions and potential CSRF, and supports JSON list-based batching to test functionality such as password resets for rate-limit bypass. Attack scenarios can use embedded variables or supplied JSON input.
2026-04-16 | InQL: Advanced GraphQL Security Testing Burp Extension (intermediate, 3 min read) | Burp Suite extension for GraphQL security testing. InQL auto-generates queries and mutations from the schema, runs customizable scans with 'Points of Interest' analysis, detects circular references, supports batch queries and custom headers, fingerprints the GraphQL engine even when introspection is disabled, and visualizes the schema through GraphiQL and GraphQL Voyager.
2026-04-16 | Exploiting CSRF in GraphQL Applications (intermediate)
2026-04-16 | GraphQL Vulnerabilities Cheat Sheet (beginner) → 0xn3va.gitbook.io
2026-04-16 | Exploiting GraphQL (Assetnote Research) (intermediate, 6 min read) | Assetnote research introducing BatchQL, which detects introspection, schema suggestions and CSRF and performs JSON list-based batching attacks to bypass rate limiting on functionality such as password resets. It also covers query name-based batching and recovering schemas with Clairvoyance when introspection is disabled. → assetnote.io
2026-04-16 | GraphQL Discovery: Pentesting 101 Guide (beginner, 5 min read) | Instalment of the "Pentesting GraphQL 101" series on discovery: probing endpoint limits, gauging verbosity, and recovering schema information through basic queries, mutation checks for CSRF, aliasing and character-limit tests. It stresses query timing and error analysis, recommends Altair for interaction, uses introspection or "did you mean" suggestions for schema discovery, and points to the `awesome-graphql-security` list. → escape.tech

Frequently Asked Questions

How is GraphQL security different from REST?
GraphQL consolidates all operations behind a single endpoint, making traditional API enumeration ineffective. Unique risks include schema introspection exposure, deeply nested query denial-of-service, batch query abuse to bypass rate limiting, and field-level authorization gaps in resolvers.
Should you disable GraphQL introspection in production?
Yes, as a default: disabling introspection in production denies attackers an easy map of your types, fields and relationships. Treat it as defence in depth rather than an access control, though. Schema details still leak through verbose error messages, field suggestions and autocomplete, and tools such as Clairvoyance rebuild schemas from those hints, so authorization has to be enforced in the resolvers regardless.
What tools are used to test GraphQL security?
Common tools include GraphQL Voyager for schema visualization, InQL for Burp Suite integration, graphql-cop for automated security testing, and Clairvoyance for schema reconstruction when introspection is disabled. Manual testing with crafted queries remains essential.
