Developer Hub
1 CVEs
product
Monthly
Denial of Service in Red Hat Developer Hub's Orchestrator Plugin allows authenticated users to crash the entire Backstage application through malformed GraphQL queries due to insufficient input validation. An attacker can leverage this to temporarily disable platform access for all legitimate users. No patch is currently available to address this vulnerability.
Redhat
Denial Of Service
Developer Hub
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3118
EPSS 0%
CVSS 6.5
MEDIUM
This Month
Denial of Service in Red Hat Developer Hub's Orchestrator Plugin allows authenticated users to crash the entire Backstage application through malformed GraphQL queries due to insufficient input validation. An attacker can leverage this to temporarily disable platform access for all legitimate users. No patch is currently available to address this vulnerability.
Redhat
Denial Of Service
Developer Hub
NVD