Cyber Posture

CVE-2026-33286

Critical

Published: 24 March 2026
Modified: 25 March 2026
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
EPSS Score: 0.0006 (17.3rd percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-33286 is a critical-severity Improper Control of Dynamically-Managed Code Resources (CWE-913) vulnerability in the Graphiti framework. Its CVSS base score is 9.1 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 17.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and two other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly mitigates the vulnerability by validating user-supplied JSONAPI relationship names against configured sideloads to block arbitrary method invocation.

Prevent: Enforces strong authentication and authorization to prevent unauthenticated attackers from accessing vulnerable Graphiti write endpoints.

Prevent: Remediates the flaw by requiring timely upgrades to Graphiti v1.10.2 or later, eliminating the arbitrary method execution vulnerability.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1485 Data Destruction (Impact): Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.

T1565 Data Manipulation (Impact): Adversaries may insert, delete, or manipulate data in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

The CVE directly describes unauthenticated remote exploitation of exposed Graphiti JSON:API write endpoints (T1190) via crafted payloads that enable arbitrary public method invocation on models, which facilitates destructive operations (T1485) and data manipulation (T1565) such as deletion or corruption.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary relationship names to invoke any public method on the underlying model instance, class or its associations. Any application exposing Graphiti write endpoints (create/update/delete) to untrusted users is affected. The `Graphiti::Util::ValidationResponse#all_valid?` method recursively calls `model.send(name)` using relationship names taken directly from user-supplied JSONAPI payloads, without validating them against the resource's configured sideloads. This allows an attacker to potentially run any public method on a given model instance, on the instance class or associated instances or classes, including destructive operations. This is patched in Graphiti v1.10.2. Users should upgrade as soon as possible. Some workarounds are available. Ensure Graphiti write endpoints (create/update) are not accessible to untrusted users and/or apply strong authentication and authorization checks before any write operation is processed, for example use Rails strong parameters to ensure only valid parameters are processed.

Deeper analysis

CVE-2026-33286 is an arbitrary method execution vulnerability in the Graphiti framework, which sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 are affected, specifically in Graphiti's JSONAPI write functionality for create, update, and delete operations. The issue stems from the `Graphiti::Util::ValidationResponse#all_valid?` method, which recursively calls `model.send(name)` using relationship names taken directly from user-supplied JSONAPI payloads without validating them against the resource's configured sideloads. This allows invocation of any public method on the underlying model instance, its class, or associated instances or classes. Applications exposing Graphiti write endpoints to untrusted users are vulnerable, with a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) and mapped to CWE-913 (Improper Control of Dynamically-Managed Code Resources).

Any unauthenticated remote attacker (PR:N) who can reach an exposed Graphiti write endpoint can exploit this by crafting a malicious JSONAPI payload with arbitrary relationship names. Successful exploitation enables execution of arbitrary public methods, potentially including destructive operations on model instances, classes, or associations, leading to high integrity (I:H) and availability (A:H) impacts such as data corruption, deletion, or other unintended behaviors depending on the application's models.

The vulnerability is patched in Graphiti v1.10.2; users should upgrade as soon as possible. Advisories recommend workarounds including ensuring Graphiti write endpoints are not accessible to untrusted users, applying strong authentication and authorization checks before processing write operations, and using Rails strong parameters to validate only permitted parameters. Details are available in the GitHub security advisory (GHSA-3m5v-4xp5-gjg2), release notes for v1.10.2, and the patching commit (ddb5ad2b69330774bd1a47935ed89a9fe4396a54).
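The unsafe `send` pattern that the NVD description and the analysis above attribute to `ValidationResponse#all_valid?`, reduced to a self-contained Ruby illustration beside a hardened form that checks names against configured sideloads first. This is an added example, not Graphiti's code; the model, its methods, the sideload configuration and the request bodies are all assumed for the demonstration.

```ruby
# Added illustration of the CWE-913 pattern; NOT Graphiti's code. The model,
# the sideload configuration and the method names are assumed.
require 'set'

# Stand-in application model: `comments` is a legitimate association,
# `reset_flag!` stands in for any public method that must not be reachable
# through a relationship name supplied by a client.
class Post
  attr_reader :reset_calls
  def initialize
    @reset_calls = 0
  end
  def comments
    []
  end
  def reset_flag!
    @reset_calls += 1
  end
end

# Sideloads the resource is configured to expose (assumed configuration).
CONFIGURED_SIDELOADS = Set['comments', 'author'].freeze

# Vulnerable pattern: relationship keys from the request body go straight to
# Object#send, so any method on the model becomes reachable.
def walk_relationships_unsafe(model, relationships)
  relationships.each_key { |name| model.send(name) }
  true
end

class UnknownRelationship < StandardError; end

# Hardened pattern: a key is dispatched only if it is a configured sideload;
# anything else is rejected before a single method is invoked.
def walk_relationships_safe(model, relationships, sideloads = CONFIGURED_SIDELOADS)
  relationships.each_key do |name|
    unless sideloads.include?(name.to_s)
      raise UnknownRelationship, "#{name.inspect} is not a configured sideload"
    end
    model.public_send(name) # public_send additionally refuses private methods
  end
  true
end

# Constructed request bodies: the second carries a key that is not a sideload.
LEGIT_RELATIONSHIPS = { 'comments' => { 'data' => [] } }.freeze
ROGUE_RELATIONSHIPS = { 'reset_flag!' => { 'data' => [] } }.freeze
```

Running `walk_relationships_unsafe(Post.new, ROGUE_RELATIONSHIPS)` increments `reset_calls`, while `walk_relationships_safe` raises `UnknownRelationship` for the same body and only ever dispatches `comments` or `author`.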

Details

CWE(s): CWE-913 (Improper Control of Dynamically-Managed Code Resources)

Affected Products: graphiti / graphiti, ≤ 1.10.2

CVEs Like This One

CVE-2025-13659 (shared CWE-913)
CVE-2025-68613 (shared CWE-913)
CVE-2025-25270 (shared CWE-913)
CVE-2026-25049 (shared CWE-913)
CVE-2025-69219 (shared CWE-913)
CVE-2025-66398 (shared CWE-913)
CVE-2024-8953 (shared CWE-913)
CVE-2025-31674 (shared CWE-913)
CVE-2026-34156 (shared CWE-913)
CVE-2026-7381 (shared CWE-913)
