Lucene search
K

6 matches found

Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.5 views

Targeted Bit-Flip Attacks on LLM-Based Agents

Targeted bit-flip attacks BFAs exploit hardware faults to manipulate model parameters, posing a significant security threat. While prior work targets single-step inference models e.g., image classifiers, LLM-based agents with multi-stage pipelines and external tools present new attack surfaces,...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/09/11 11:26 p.m.15 views

Neo4j Cypher MCP server is vulnerable to DNS rebinding

Impact DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spen...

7.4CVSS6.8AI score0.00206EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/11 2:5 p.m.2 views

CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS6.5AI score0.00206EPSS
Exploits0References3
CVE
CVE
added 2025/09/11 2:5 p.m.14 views

CVE-2025-10193

CVE-2025-10193 : DNS rebinding vulnerability in the Neo4j Cypher MCP server allows a malicious website to bypass Same-Origin Policy and trigger unauthorised local tool invocations. The attack relies on a user visiting a crafted site for enough time to succeed. Public details indicate impact on th...

7.4CVSS6.5AI score0.00206EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/11 2:5 p.m.23 views

CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

7.4CVSS0.00206EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.13 views

PT-2025-37184

Name of the Vulnerable Software and Affected Versions: Neo4j Cypher MCP server affected versions not specified Description: A DNS rebinding issue exists in the Neo4j Cypher MCP server. This allows malicious websites to circumvent Same-Origin Policy protections and execute unauthorized tool...

7.4CVSS6AI score0.00206EPSS
Exploits0References10
Rows per page
Query Builder