Security Advisory – 18 Apr 2026

Security fixes and advisories that landed overnight. Updated 18 Apr 2026 00:16 GMT.

Top items

NIST

CVE-2026-40324

Hot Chocolate’s recursive descent parser has no recursion depth limit in affected versions. A crafted GraphQL document can trigger a StackOverflowException and terminate the worker process immediately.

  • Published: 18 Apr 2026 00:16 GMT
  • CVEs: CVE-2026-40324
  • Notes: Fixes add a MaxAllowedRecursionDepth option

Related posts

n8n | n8n@2.28.7

n8n 2 28 7: pins langgraph and langgraph checkpoint to fix broken npm installs, low risk bug fix, upgrade recommended for npm and CI users

Agentic AI still needs domain judgement

Agentic AI can write the thing, but it still cannot tell you whether the thing is right. That is where domain expertise matters, because a clean config or neat bit of glue logic can still be wrong in...

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.