Cyber Resilience

CVE-2026-32621

Critical

Published: 16 March 2026

Published
16 March 2026
Modified
16 March 2026
KEV Added
Patch
CVSS Score v3.1 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
EPSS Score 0.0051 39.6th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-32621 is a critical-severity Prototype Pollution (CWE-1321) vulnerability. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 39.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-32621 is a prototype pollution vulnerability (CWE-1321) in the query plan execution of the Apollo Federation gateway, an architecture for composing APIs into a unified graph. It affects Apollo Federation versions prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2.

The vulnerability can be exploited over the network by a malicious client with low privileges (PR:L), requiring low attack complexity and no user interaction. Attackers can pollute Object.prototype directly in the gateway by crafting GraphQL operations with field aliases or variable names targeting prototype-inheritable properties. Alternatively, a compromised subgraph can achieve the same by crafting JSON response payloads targeting those properties. Successful exploitation enables high confidentiality and integrity impacts with low availability impact and changed scope, as scored at CVSS 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L).

The issue is addressed in Apollo Federation versions 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2. Additional mitigation details are available in the GitHub security advisory at https://github.com/apollographql/federation/security/advisories/GHSA-pfjj-6f4p-rvmh.

EU & UK References

Vulnerability details

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios.…

more

A malicious client may be able to pollute Object.prototype in gateway directly by crafting operations with field aliases and/or variable names that target prototype-inheritable properties. Alternatively, if a subgraph were to be compromised by a malicious actor, they may be able to pollute Object.prototype in gateway by crafting JSON response payloads that target prototype-inheritable properties. This vulnerability is fixed in 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes a remotely exploitable prototype pollution flaw in the Apollo Federation gateway (a public-facing GraphQL API composition layer) that can be triggered by unauthenticated or low-privileged network clients via crafted operations. This directly matches the definition of T1190 (Exploit Public-Facing Application) for gaining unauthorized access or achieving confidentiality/integrity impacts.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-29063Shared CWE-1321
CVE-2026-24888Shared CWE-1321
CVE-2026-28794Shared CWE-1321
CVE-2026-45302Shared CWE-1321
CVE-2026-8657Shared CWE-1321
CVE-2025-61140Shared CWE-1321
CVE-2024-57077Shared CWE-1321
CVE-2026-34221Shared CWE-1321
CVE-2026-35209Shared CWE-1321
CVE-2026-33994Shared CWE-1321

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

preventrecover

Directly mitigates the prototype pollution vulnerability by requiring timely remediation through patching to Apollo Federation versions 2.9.6, 2.10.5, 2.11.6, 2.12.3, or 2.13.2.

prevent

Enforces validation of GraphQL operations and JSON payloads to reject or sanitize crafted field aliases, variable names, or responses targeting prototype-inheritable properties.

prevent

Implements memory safeguards to protect against prototype pollution's manipulation of shared objects like Object.prototype, reducing potential for integrity and confidentiality impacts.

References