CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

512 matches found

RedhatCVE•added 2026/03/26 3:2 p.m.•2 views

CVE-2026-32247

Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...

8.1CVSS5.8AI score0.00018EPSS

Exploits2References1

NVD•added 2026/03/12 7:16 p.m.•1 views

CVE-2026-32247

8.1CVSS0.00018EPSS

Exploits2References4

CVE•added 2026/03/12 7:11 p.m.•11 views

CVE-2026-32247

Graphiti CVE-2026-32247 is a Cypher injection vulnerability in pre-0.28.2 releases where attacker-controlled values fed into SearchFilters.node_labels were concatenated into Cypher label expressions. The issue affected non-Kuzu backends (Neo4j, FalkorDB, Neptune) and could be exploited via MCP de...

8.1CVSS5.8AI score0.00018EPSS

Exploits2References4Affected Software1

Cvelist•added 2026/03/12 7:11 p.m.•23 views

CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

8.1CVSS0.00018EPSS

Exploits2References4

Vulnrichment•added 2026/03/12 7:11 p.m.•2 views

CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

8.1CVSS5.8AI score0.00018EPSS

Exploits2References4

ATTACKERKB•added 2026/03/12 7:11 p.m.•4 views

CVE-2026-32247

8.1CVSS5.8AI score0.00018EPSS

Exploits2References5Affected Software1

OSV•added 2026/03/12 5:26 p.m.•1 views

GHSA-GG5M-55JJ-8M5G Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

Summary Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabels were concatenated directly into Cypher label expressions without validation. In...

8.1CVSS6AI score0.00018EPSS

Exploits2References6

Positive Technologies•added 2026/03/12 12:0 a.m.•2 views

PT-2026-25057

Summary Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.node labels were concatenated directly into Cypher label expressions without validation. I...

8.1CVSS6AI score0.00018EPSS

Exploits2References16

Snyk•added 2025/12/12 2:33 a.m.•1 views

Malicious Package

Overview browser-client-neptune is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score

Exploits0References2

OSV•added 2025/11/28 7:55 p.m.•1 views

MAL-2025-191484 Malicious code in browser-client-neptune (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...

6.8AI score

Exploits0References1