CVE-2026-1175
Published: 19 January 2026
Summary
CVE-2026-1175 is a medium-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Birkir Prime. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique System Information Discovery (T1082). The CVE ranks at the 16.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Threat & Defense Details
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Monitoring directly detects unauthorized disclosure of sensitive information, enabling response to exposures.
Obscuring authentication feedback prevents exposure of sensitive information such as valid usernames or failure reasons to unauthorized actors.
Concealment techniques directly prevent real sensitive data from being exposed to adversaries.
Restricts error message visibility to authorized recipients, directly reducing unauthorized exposure of sensitive information.
Filtering output to only permitted content stops unintended disclosure of sensitive information to unauthorized actors.
Automated marking applies security attributes to system outputs, making it harder for attackers to exploit unmarked sensitive information leading to unauthorized exposure.
Proper attribute retention and permitted-value enforcement limits unauthorized actors from accessing sensitive information lacking correct labels.
Prevents unauthorized exposure of sensitive information by prohibiting untrusted external systems from processing or storing it.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
The vulnerability is a remote information disclosure in a public-facing GraphQL endpoint; it directly enables T1190 exploitation and T1082 system/configuration discovery via error messages.
NVD Description
A vulnerability was identified in birkir prime up to 0.4.0.beta.0. This impacts an unknown function of the file /graphql of the component GraphQL Directive Handler. Such manipulation leads to information exposure through error message. The attack may be performed from remote. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Deeper analysis (AI)
CVE-2026-1175 is a vulnerability in the birkir prime project, affecting versions up to 0.4.0.beta.0. It impacts an unknown function within the /graphql file of the GraphQL Directive Handler component, where manipulation results in information exposure through error messages. The issue aligns with CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) and CWE-209 (Generation of Error Message Containing Sensitive Information), carrying a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
A remote attacker with no privileges or user interaction required can exploit this vulnerability over the network with low complexity. Successful exploitation enables partial disclosure of confidential information via error messages, potentially revealing sensitive details about the application's internals or configuration.
Advisories reference the project's GitHub repository at https://github.com/birkir/prime/ and issue #546 at https://github.com/birkir/prime/issues/546, where the problem was reported early. VulDB entries (https://vuldb.com/?ctiid.341769, https://vuldb.com/?id.341769, https://vuldb.com/?submit.731106) note no response from the project maintainers and no patches or mitigations disclosed to date.
The exploit is publicly available and might be used in attacks. The vulnerability was published on 2026-01-19.
Details
- CWE(s)