ChilliCream GraphQL Platform Stack Overflow via Deeply Nested GraphQL Documents
ChilliCream GraphQL Platform is vulnerable to a stack overflow exception due to unbounded recursion depth in the Utf8GraphQLParser; a crafted GraphQL document with deeply nested elements can trigger a StackOverflowException, terminating the worker process.
The ChilliCream GraphQL Platform, specifically the Hot Chocolate library, is susceptible to a critical vulnerability stemming from the Utf8GraphQLParser. This parser, lacking recursion depth limits, can be exploited by a malicious actor sending crafted GraphQL documents containing deeply nested selection sets, object values, list values, or list types. Successful exploitation leads to a StackOverflowException, an uncatchable error in .NET, which immediately terminates the worker process. This occurs before established validation rules like MaxExecutionDepth or complexity analyzers can engage, rendering them ineffective. Payloads as small as 40KB can trigger this vulnerability. Patches have been released to address this issue in versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14. This vulnerability poses a significant threat to the availability of affected GraphQL services.
Attack Chain
- An attacker crafts a malicious GraphQL document with deeply nested elements (selection sets, object values, list values, or list types) to exploit the lack of recursion depth limits in the
Utf8GraphQLParser. - The attacker sends the crafted GraphQL document as an HTTP request to the GraphQL endpoint of a vulnerable ChilliCream Hot Chocolate application.
- The
Utf8GraphQLParser.Parsemethod is invoked to parse the incoming GraphQL document. - Due to the deeply nested structure of the malicious document, the recursive descent parser enters an uncontrolled recursion, rapidly consuming stack space.
- The recursion continues until a
StackOverflowExceptionis triggered, exceeding the stack limit. - Because
StackOverflowExceptionis uncatchable in .NET, the entire worker process is immediately terminated. - All in-flight HTTP requests, background
IHostedServicetasks, and open WebSocket subscriptions on that worker are dropped, leading to denial of service. - The orchestrator (Kubernetes, IIS, etc.) detects the terminated process and restarts it, but the vulnerability can be re-exploited, leading to a persistent denial-of-service condition.
Impact
The primary impact of this vulnerability is denial of service. Exploitation leads to the immediate termination of the worker process handling GraphQL requests. All active requests, background tasks, and WebSocket subscriptions are dropped. Since the exception is uncatchable, a restart is required, which an attacker can trigger repeatedly. A relatively small, crafted payload of around 40KB can be used to trigger the vulnerability. The sectors most affected are those relying on ChilliCream GraphQL Platform for critical services.
Recommendation
- Immediately upgrade the
HotChocolate.LanguageNuGet package to the patched versions: 12.22.7, 13.9.16, 14.3.1, or 15.1.14, as indicated in the advisory to remediate CVE-2026-40324. - Implement request body size limits at the reverse proxy or load balancer layer as a defense-in-depth measure. Be aware that the smallest crashing payload is 40KB, and it is highly compressible.
- Monitor application logs for frequent unexpected process terminations, which could indicate exploitation attempts.
Detection coverage 3
Detect GraphQL Stack Overflow Attempt via HTTP Request Size
mediumDetects abnormally large HTTP requests to GraphQL endpoints, potentially indicating a stack overflow attempt.
Detect GraphQL Stack Overflow Attempt via HTTP Compression Ratio
mediumDetects abnormally high HTTP compression ratios for GraphQL requests, which may indicate deeply nested structures.
Detect Frequent Application Restarts
mediumDetects frequent application restarts, which may be a symptom of the GraphQL stack overflow vulnerability exploitation.
Detection queries are available on the platform. Get full rules →