Lucene search
+L

184 matches found

veracode
veracode
added 2025/10/22 10:10 a.m.4 views

DNS Rebinding

Neo4j Cypher MCP is vulnerable to DNS Rebinding. The vulnerability is due to the MCP server trusting requests from rebinding hostnames, and attackers can lure users to a malicious website that rebinding succeeds on to bypass Same-Origin Policy and invoke tools against local Neo4j instances...

7.4CVSS6.4AI score0.00206EPSS
Exploits0References7Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-21362

Malware in sbrugna...

6.5CVSS6.5AI score0.00716EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-6948

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00818EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-1703

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00625EPSS
Exploits0References7
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-6816

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.0141EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.35 views

EUVD-2023-0642

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00948EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.26 views

EUVD-2025-28908

Malicious code in bioql PyPI...

7.4CVSS6.4AI score0.00206EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-0344

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.00658EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/09/13 2:20 p.m.7 views

CVE-2025-10193

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS6.9AI score0.00206EPSS
Exploits0References1
osv
osv
added 2025/09/11 11:26 p.m.50 views

GHSA-VCQX-V2MG-7CHX Neo4j Cypher MCP server is vulnerable to DNS rebinding

Impact DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spen...

7.4CVSS6.8AI score0.00206EPSS
Exploits0References7
snyk
snyk
added 2025/09/11 11:26 p.m.5 views

Origin Validation Error

Overview mcp-neo4j-cypher is an A simple Neo4j MCP server Affected versions of this package are vulnerable to Origin Validation Error via the lack of proper origin validation in the server's request handling. An attacker can execute unauthorized tool invocations against locally running instances ...

7.4CVSS6.8AI score0.00206EPSS
Exploits0References2
github
github
added 2025/09/11 11:26 p.m.17 views

Neo4j Cypher MCP server is vulnerable to DNS rebinding

Impact DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spen...

7.4CVSS6.8AI score0.00206EPSS
Exploits0References7Affected Software1
vulnrichment
vulnrichment
added 2025/09/11 2:5 p.m.2 views

CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS6.5AI score0.00206EPSS
Exploits0References3
cvelist
cvelist
added 2025/09/11 2:5 p.m.24 views

CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS0.00206EPSS
Exploits0References3
cve
cve
added 2025/09/11 2:5 p.m.17 views

CVE-2025-10193

CVE-2025-10193 : DNS rebinding vulnerability in the Neo4j Cypher MCP server allows a malicious website to bypass Same-Origin Policy and trigger unauthorised local tool invocations. The attack relies on a user visiting a crafted site for enough time to succeed. Public details indicate impact on th...

7.4CVSS6.5AI score0.00206EPSS
Exploits0References3
osv
osv
added 2025/09/11 2:5 p.m.9 views

CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS6AI score0.00206EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2025/09/11 12:0 a.m.15 views

PT-2025-37184

Name of the Vulnerable Software and Affected Versions: Neo4j Cypher MCP server affected versions not specified Description: A DNS rebinding issue exists in the Neo4j Cypher MCP server. This allows malicious websites to circumvent Same-Origin Policy protections and execute unauthorized tool...

7.4CVSS6AI score0.00206EPSS
Exploits0References15
osv
osv
added 2025/08/14 6:52 p.m.3 views

MAL-2025-17891 Malicious code in cypher-rest (npm)

The package cypher-rest was found to contain malicious code...

7.2AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.4 views

Malicious code in cypher-rest (npm)

The package cypher-rest was found to contain malicious code...

7AI score
Exploits0
redhatcve
redhatcve
added 2025/05/22 6:9 p.m.6 views

CVE-2021-1481

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

4.3CVSS6.9AI score0.00818EPSS
Exploits0References1
Rows per page
Query Builder