0.4.1
CVE-2025-15550 describes a cross-site request forgery (XSRF) vulnerability discovered in birkir prime. This vulnerability allows attackers to craft malicious GET requests targeting the GraphQL endpoint, potentially leading to unauthorized actions against privileged users. The vulnerability impacts versions 0.0 through 0.4.0.beta.0 of birkir prime, and a fix is expected in a future release.
The XSRF vulnerability in birkir prime allows an attacker to trick a legitimate user into unknowingly executing actions on their behalf. By crafting a malicious GET request and enticing a user to click a link or visit a compromised page, an attacker can manipulate GraphQL query parameters to trigger actions as that user. This could include data modification, privilege escalation, or other unauthorized operations, depending on the user's permissions and the available GraphQL queries. The potential blast radius is significant, especially if privileged users are targeted, as an attacker could gain control over sensitive data or system functionalities.
CVE-2025-15550 was publicly disclosed on 2026-01-29. Currently, there are no known public proof-of-concept exploits available. The EPSS score is pending evaluation. No active campaigns targeting this vulnerability have been reported at this time. Further investigation and monitoring are recommended.
Exploit Status
EPSS: 0.01% (1st percentile)
CISA SSVC: (not given on this page)
CVSS Vector: (not given on this page)
Due to the lack of a specific fixed version, immediate mitigation strategies are crucial. Implement strict input validation and output encoding on all GraphQL queries to prevent malicious parameter manipulation. Consider implementing anti-CSRF tokens for all sensitive operations within the GraphQL endpoint. Web application firewalls (WAFs) configured to detect and block suspicious GET requests targeting the GraphQL endpoint can provide an additional layer of protection. Regularly review and audit GraphQL query permissions to minimize the potential impact of successful exploitation. Monitor access logs for unusual activity and patterns indicative of XSRF attacks.
Update to a version later than 0.4.0.beta.0 that fixes the CSRF vulnerability in the GraphQL endpoint. Verify the release notes to confirm that the vulnerability has been addressed. If no patched version is available, consider disabling or restricting access to the GraphQL endpoint until an update is released.
CVE-2025-15550 is a cross-site request forgery (XSRF) vulnerability affecting birkir prime versions 0.0 - 0.4.0.beta.0, allowing attackers to perform unauthorized actions via malicious GET requests to the GraphQL endpoint.
Yes, if you are using birkir prime versions 0.0 through 0.4.0.beta.0 and your GraphQL endpoint is exposed to untrusted users or networks, you are potentially affected by this vulnerability.
A fixed version is not yet available. Mitigate by implementing strict input validation, output encoding, anti-CSRF tokens, and WAF rules to protect the GraphQL endpoint.
Currently, there are no confirmed reports of active exploitation, but vigilance and proactive mitigation are still recommended.
Refer to the birkir prime project's official website or repository for updates and advisories related to CVE-2025-15550.