Skip to content
Threat Feed
critical advisory

ChilliCream GraphQL Platform Stack Overflow via Deeply Nested GraphQL Documents

ChilliCream GraphQL Platform is vulnerable to a stack overflow exception due to unbounded recursion depth in the Utf8GraphQLParser; a crafted GraphQL document with deeply nested elements can trigger a StackOverflowException, terminating the worker process.

The ChilliCream GraphQL Platform, specifically the Hot Chocolate library, is susceptible to a critical vulnerability stemming from the Utf8GraphQLParser. This parser, lacking recursion depth limits, can be exploited by a malicious actor sending crafted GraphQL documents containing deeply nested selection sets, object values, list values, or list types. Successful exploitation leads to a StackOverflowException, an uncatchable error in .NET, which immediately terminates the worker process. This occurs before established validation rules like MaxExecutionDepth or complexity analyzers can engage, rendering them ineffective. Payloads as small as 40KB can trigger this vulnerability. Patches have been released to address this issue in versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14. This vulnerability poses a significant threat to the availability of affected GraphQL services.

Attack Chain

  1. An attacker crafts a malicious GraphQL document with deeply nested elements (selection sets, object values, list values, or list types) to exploit the lack of recursion depth limits in the Utf8GraphQLParser.
  2. The attacker sends the crafted GraphQL document as an HTTP request to the GraphQL endpoint of a vulnerable ChilliCream Hot Chocolate application.
  3. The Utf8GraphQLParser.Parse method is invoked to parse the incoming GraphQL document.
  4. Due to the deeply nested structure of the malicious document, the recursive descent parser enters an uncontrolled recursion, rapidly consuming stack space.
  5. The recursion continues until a StackOverflowException is triggered, exceeding the stack limit.
  6. Because StackOverflowException is uncatchable in .NET, the entire worker process is immediately terminated.
  7. All in-flight HTTP requests, background IHostedService tasks, and open WebSocket subscriptions on that worker are dropped, leading to denial of service.
  8. The orchestrator (Kubernetes, IIS, etc.) detects the terminated process and restarts it, but the vulnerability can be re-exploited, leading to a persistent denial-of-service condition.

Impact

The primary impact of this vulnerability is denial of service. Exploitation leads to the immediate termination of the worker process handling GraphQL requests. All active requests, background tasks, and WebSocket subscriptions are dropped. Since the exception is uncatchable, a restart is required, which an attacker can trigger repeatedly. A relatively small, crafted payload of around 40KB can be used to trigger the vulnerability. The sectors most affected are those relying on ChilliCream GraphQL Platform for critical services.

Recommendation

  • Immediately upgrade the HotChocolate.Language NuGet package to the patched versions: 12.22.7, 13.9.16, 14.3.1, or 15.1.14, as indicated in the advisory to remediate CVE-2026-40324.
  • Implement request body size limits at the reverse proxy or load balancer layer as a defense-in-depth measure. Be aware that the smallest crashing payload is 40KB, and it is highly compressible.
  • Monitor application logs for frequent unexpected process terminations, which could indicate exploitation attempts.

Detection coverage 3

Detect GraphQL Stack Overflow Attempt via HTTP Request Size

medium

Detects abnormally large HTTP requests to GraphQL endpoints, potentially indicating a stack overflow attempt.

sigma tactics: availability techniques: T1499.004 sources: webserver, linux

Detect GraphQL Stack Overflow Attempt via HTTP Compression Ratio

medium

Detects abnormally high HTTP compression ratios for GraphQL requests, which may indicate deeply nested structures.

sigma tactics: availability techniques: T1499.004 sources: webserver, linux

Detect Frequent Application Restarts

medium

Detects frequent application restarts, which may be a symptom of the GraphQL stack overflow vulnerability exploitation.

sigma tactics: availability techniques: T1499.004 sources: application, kubernetes

Detection queries are available on the platform. Get full rules →