3 matches found
Insufficient Granularity of Access Control
Overview mcp-neo4j-cypher is an A simple Neo4j MCP server Affected versions of this package are vulnerable to Insufficient Granularity of Access Control in the readonly mode in CALL procedures. An attacker can perform unauthorized actions and potentially access internal resources by bypassing...
Neo4j Labs MCP Servers: SSRF and Data Modification via read_only Mode Bypass Through CALL Procedures
Summary The readonly mode in mcp-neo4j-cypher versions prior to 0.6.0 can be bypassed using CALL procedures. Details Impact The enforcing of readonly mode in vulnerable versions could be bypassed by certain APOC procedures. Patches v0.6.0 release hardened the checks around the mode. The only way ...
CVE-2025-10193
DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...