CVE-2026-3118

A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2026-3118	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2442273	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:developer_hub:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-02-25 12:16

Updated : 2026-02-27 17:47

NVD link : CVE-2026-3118

Mitre link : CVE-2026-3118

CVE.ORG link : CVE-2026-3118

JSON object : View

Products Affected

redhat

developer_hub

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2026-3118", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2026-02-25T12:16:17.957", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-3118", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform."}, {"lang": "es", "value": "Se identific\u00f3 un fallo de seguridad en el Plugin Orchestrator de Red Hat Developer Hub (Backstage). El problema ocurre debido a una validaci\u00f3n de entrada insuficiente en el manejo de consultas GraphQL. Un usuario autenticado puede inyectar una entrada especialmente dise\u00f1ada en las solicitudes de la API, lo que interrumpe el procesamiento de consultas del backend. Esto resulta en que la aplicaci\u00f3n Backstage completa colapse y se reinicie, lo que lleva a una Denegaci\u00f3n de Servicio (DoS) en toda la plataforma. Como resultado, los usuarios leg\u00edtimos pierden temporalmente el acceso a la plataforma."}], "lastModified": "2026-02-27T17:47:55.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:developer_hub:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64C29AF-F32F-4AC1-BC84-276B4024D0C5"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}