Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2Blast Radius
ecosystem impact- 6 npm packages depend on @keystone-6/core (6 direct, 0 indirect)
Ecosystem-wide dependent count for version 6.5.3.
DescriptionCVE.org
A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attack remotely. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance.
AnalysisAI
Uncontrolled resource consumption in KeystoneJS's GraphQL API endpoint allows a remotely authenticated attacker with low-privilege credentials to degrade server availability by submitting deeply nested GraphQL queries that exhaust CPU or memory without bound. Versions up to snapshot 20260319 of the @keystone-6/core package are affected. A public proof-of-concept exists (CVSS E:P), though the vulnerability is not listed in CISA KEV and carries a CVSS 4.0 score of 2.1 - indicating limited real-world severity under most deployments.
Technical ContextAI
KeystoneJS is an open-source Node.js headless CMS framework that auto-generates a GraphQL API from a user-defined schema. The root cause (CWE-400: Uncontrolled Resource Consumption) is the absence of GraphQL query depth limiting in the Apollo Server integration within packages/core/src/lib/express.ts. Without a depth cap, a single query with arbitrarily deep field nesting forces the server to perform recursive resolution, potentially exhausting CPU and memory. The PR diff confirms the fix involves integrating the graphql-depth-limit library, injecting depthLimit(config.graphql.maxDepth ?? 20) as a GraphQL validation rule, and exposing a configurable maxDepth option (defaulting to 20) in the Keystone config type. The specific file flagged in the CVE description - packages/core/src/lib/core/queries/output-field.ts - is part of the query resolution pipeline that processes output fields, which is where unbounded depth manifests during execution.
RemediationAI
No vendor-released patch version has been confirmed at time of analysis - the fix exists as unmerged pull request #9831 (https://github.com/keystonejs/keystone/pull/9831), which was noted as awaiting acceptance. Operators should monitor the PR for merge and subsequent npm release of @keystone-6/core. As an immediate compensating control, manually install graphql-depth-limit and inject it as a custom Apollo validation rule in your Keystone configuration's graphql.apolloConfig.validationRules array - this replicates the fix without waiting for the upstream release. Additionally, restrict access to the GraphQL API endpoint to trusted authenticated users via network controls or middleware, and consider rate-limiting GraphQL POST requests at a reverse proxy to reduce the blast radius of repeated abuse. Note that proxy-level rate limiting will not prevent a single oversized query from triggering the issue; client-side validation or depth limiting at the application layer is the more effective control.
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34244
GHSA-45jq-c8xm-jfw9