diff --git a/app/config/errors.php b/app/config/errors.php
index 8464d9b15..d9de78895 100644
--- a/app/config/errors.php
+++ b/app/config/errors.php
@@ -517,6 +517,11 @@ return [
 'description' => 'Query is required.',
 'code' => 400,
 ],
+ Exception::GRAPHQL_INVALID_QUERY => [
+ 'name' => Exception::GRAPHQL_NO_QUERY,
+ 'description' => 'Invalid query supplied.',
+ 'code' => 400,
+ ],
 Exception::GRAPHQL_TOO_MANY_QUERIES => [
 'name' => Exception::GRAPHQL_TOO_MANY_QUERIES,
 'description' => 'Too many queries have been sent in the same request.',
diff --git a/app/controllers/api/graphql.php b/app/controllers/api/graphql.php
index 92545c655..075041273 100644
--- a/app/controllers/api/graphql.php
+++ b/app/controllers/api/graphql.php
@@ -88,6 +88,10 @@ function graphqlRequest(
 if (\count($query) > $maxBatchSize) {
 throw new Exception('Too many queries.', 400, Exception::GRAPHQL_TOO_MANY_QUERIES);
 }
+ foreach ($query as $item) {
+ if (!isset($item['query'])) {
+ throw new Exception('Invalid query.', 400, Exception::GRAPHQL_INVALID_QUERY);
+ }
 }
 $debugFlags = DebugFlag::INCLUDE_DEBUG_MESSAGE | DebugFlag::INCLUDE_TRACE;
diff --git a/src/Appwrite/Extend/Exception.php b/src/Appwrite/Extend/Exception.php
index 5ee67c87a..177271bf4 100644
--- a/src/Appwrite/Extend/Exception.php
+++ b/src/Appwrite/Extend/Exception.php
@@ -173,6 +173,8 @@ class Exception extends \Exception
 /** GraphqQL */
 public const GRAPHQL_NO_QUERY = 'graphql_no_query';
+ public const GRAPHQL_INVALID_QUERY = 'graphql_invalid_query';
+
 public const GRAPHQL_TOO_MANY_QUERIES = 'graphql_too_many_queries';
 private $type = '';
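Review bot: In app/config/errors.php the new `Exception::GRAPHQL_INVALID_QUERY` entry sets `'name' => Exception::GRAPHQL_NO_QUERY`, which looks like a copy-paste leftover from the entry above it; the neighbouring `GRAPHQL_TOO_MANY_QUERIES` entry uses its own key as the name. As written, whatever reads this table to build the error response would presumably report `graphql_no_query` for a malformed batch item, so clients and log alerts keyed on the error type cannot tell the two cases apart. Change the line to `'name' => Exception::GRAPHQL_INVALID_QUERY,`.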
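Review bot: In app/controllers/api/graphql.php the added `foreach` is never closed: the four `+` lines open two blocks and close only the inner `if`, so the unchanged `}` after them now ends the loop and the block it closed before is left open, which is a parse error unless something outside this diff rebalances the file. Add a second closing `}` for the loop after the inner one. The check itself is also loose, since `isset($item['query'])` passes for any non-null value, including an array, a number or an empty string; `if (!\is_array($item) || !\is_string($item['query'] ?? null) || $item['query'] === '') {` rejects those at the request boundary before later code consumes them. graphqlRequest starts and ends outside the hunk.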