512 matches found
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti CVE-2026-32247 is a Cypher injection vulnerability in pre-0.28.2 releases where attacker-controlled values fed into SearchFilters.node_labels were concatenated into Cypher label expressions. The issue affected non-Kuzu backends (Neo4j, FalkorDB, Neptune) and could be exploited via MCP de...
GHSA-GG5M-55JJ-8M5G Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Summary Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabels were concatenated directly into Cypher label expressions without validation. In...
PT-2026-25057
Summary Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.node labels were concatenated directly into Cypher label expressions without validation. I...
Malicious Package
Overview browser-client-neptune is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in browser-client-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199881
Malicious code in browser-client-neptune npm...
MAL-2025-191484 Malicious code in browser-client-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...
Malicious code in phenomic-metalsmith-neptune-fornax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40a3e947e7e13e33325e88989cd6115c193af7ef059f6904daade611693e4fa9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177670
Malicious code in neptune-barnard-mdx-less-loader npm...
EUVD-2025-175899
Malicious code in transhumanism-release-it-neptune-init npm...
EUVD-2025-175614
Malicious code in webdriver-manager-neptune-vulcan-scorpius npm...
EUVD-2025-177660
Malicious code in neptune-lacerta-accretion-meteor npm...
EUVD-2025-177657
Malicious code in neptune-node-sass-altair-membrane npm...
Malicious code in redshift-deimos-neptune-yakutsk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f964324bd6752b8565f81793c10d0ab91313d89d5665605b85485952a2a4c694 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in neptune-venus-foundation-hyperion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee152f2d4396ca7e5f7e1a9e8af596f9095773d1fab65f76596fd3bf58c29f61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...