Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Critical GraphQL-Ruby Flaw Exposes Millions to RCE
Malware and Vulnerabilities
March 17, 2025
SecurityOnline
The vulnerability, having a critical CVSS score of 9.1, stems from the way the graphql-ruby gem handles schema loading via GraphQL::Schema.from_introspection and GraphQL::Schema::Loader.load.
Read More
CVE-2025-27407
Remote Code Execution (RCE)
GraphQL
Ruby
graphql-ruby library
Publisher
Previous
Schneider Electric Addresses Critical Flaw in WebHMI Co ...
Malware and Vulnerabilities
Next
Koha Library Systems at High Risk, Patch Immediately
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_619932473.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/5baf_shutterstock_1579747975.jpeg)
