8 matches found
CVE-2026-41274
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that ar...
EUVD-2026-25313
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that ar...
Flowise: Cypher Injection in GraphCypherQAChain
Summary The GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletio...
PT-2026-6724
Name of the Vulnerable Software and Affected Versions Neo4j versions prior to 2026.01 Description A lack of proper unicode character escaping in the query log functionality can result in cross-site scripting XSS if logs are opened in a tool that interprets them as HTML. The issue is present in bo...
EUVD-2018-0611
Malware in sbrugna...
EUVD-2022-2059
Malicious code in bioql PyPI...
Exploit for SQL Injection in Langchain
Proof of Concept for Langchain CVE-2024–8309 Vulnerability...
nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services
nuvola with the lowercase n is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax. The general idea behind this project is to create an abstracted digita...