512 matches found
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti CVE-2026-32247 is a Cypher injection vulnerability in pre-0.28.2 releases where attacker-controlled values fed into SearchFilters.node_labels were concatenated into Cypher label expressions. The issue affected non-Kuzu backends (Neo4j, FalkorDB, Neptune) and could be exploited via MCP de...
CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
CVE-2026-32247
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...
GHSA-GG5M-55JJ-8M5G Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters
Summary Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabels were concatenated directly into Cypher label expressions without validation. In...
PT-2026-25057
Name of the Vulnerable Software and Affected Versions Graphiti versions prior to 0.28.2 Description Graphiti, a framework for building and querying temporal context graphs for AI agents, had a Cypher injection issue in shared search-filter construction for non-Kuzu backends. Attacker-controlled...
Malicious Package
Overview browser-client-neptune is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
EUVD-2025-199881
Malicious code in browser-client-neptune npm...
Malicious code in browser-client-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191484 Malicious code in browser-client-neptune (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9ad0cf7ca8faf91e654dc6ceb89ca235f191edc099334e5d8cf1a070bfb128a The package browser-client-neptune was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-177189
Malicious code in photon-transhumanism-cosmicray-neptune npm...
EUVD-2025-175578
Malicious code in websockets-winston-neptune-ablation npm...
EUVD-2025-178461
Malicious code in ichnology-materialize-neptune-karma npm...
EUVD-2025-177942
Malicious code in materialize-cache-neptune-cosmogenic npm...
Malicious code in planetology-neptune-bellatrix-on (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78f2b23e9b8a39df059205b517a8ab6243a9cc96f26b1be0aa2c2639737a9919 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177668
Malicious code in neptune-cryovolcano-dysonswarm-scripts npm...
Malicious code in rest-neptune-style-loader-nconf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e73cc4d0f5853887957b7f07654dbc5a175c704973e120419196dc6b0c2b0e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176733
Malicious code in rehype-darkenergy-neptune-taphonomy npm...