CVE-2026-1173CRITICAL 9.8EPSS p47.5%

CVE-2026-1173CVE-2026-1173

Description

A vulnerability was found in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.68% probability of exploitation · percentile 47.5% · 2026-06-19T12:03:05Z
Published2026-01-19
Last modified2026-02-23

Underlying weaknesses· 1

CWE-404

References

  1. https://github.com/birkir/prime/
  2. https://github.com/birkir/prime/issues/544
  3. https://vuldb.com/?ctiid.341767
  4. https://vuldb.com/?id.341767
  5. https://vuldb.com/?submit.731104

1

TypeTargetConfidenceTier
WeaknessImproper Resource Shutdown or Releasecwe-4040%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-1169
CVE
CVE-2026-10802
CVE
CVE-2026-2339
CVE
BerriAI LiteLLM SQL Injection Vulnerability
CVE
CVE-2026-1144
CVE
CVE-2026-1145
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.