PT-2026-3473 · Unknown · Birkir Prime
Zast.Ai
·
Published
2026-01-19
·
Updated
2026-03-19
·
CVE-2026-1170
CVSS v4.0
5.5
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
birkir prime versions prior to 0.4.0.beta.0
Description
A security issue exists in birkir prime related to the GraphQL API component. A manipulation of the
/graphql file processing can lead to information disclosure. The issue may be exploited remotely. The exploit is publicly available. The project was notified of the issue but has not yet responded.Recommendations
Update birkir prime to a version newer than 0.4.0.beta.0.
Exploit
Fix
Improper Access Control
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Birkir Prime