CVE-2026-32621P2CRITICALCVSS 9.9v>= 2.13.0-preview.0, < 2.13.2·v>= 2.12.0-preview.0, < 2.12.3+3 more2026-03-16
CVE-2026-32621 [CRITICAL] CWE-1321 CVE-2026-32621: Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to
Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within the gateway that may allow pollution of Object.prototype in certain scenarios. A malicious client may be able to pollute Object.prototype in gateway d
ghsanvdosv