6 matches found
Targeted Bit-Flip Attacks on LLM-Based Agents
Targeted bit-flip attacks BFAs exploit hardware faults to manipulate model parameters, posing a significant security threat. While prior work targets single-step inference models e.g., image classifiers, LLM-based agents with multi-stage pipelines and external tools present new attack surfaces,...
Neo4j Cypher MCP server is vulnerable to DNS rebinding
Impact DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spen...
CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks
DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...
CVE-2025-10193
CVE-2025-10193 : DNS rebinding vulnerability in the Neo4j Cypher MCP server allows a malicious website to bypass Same-Origin Policy and trigger unauthorised local tool invocations. The attack relies on a user visiting a crafted site for enough time to succeed. Public details indicate impact on th...
CVE-2025-10193 Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks
DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...
PT-2025-37184
Name of the Vulnerable Software and Affected Versions: Neo4j Cypher MCP server affected versions not specified Description: A DNS rebinding issue exists in the Neo4j Cypher MCP server. This allows malicious websites to circumvent Same-Origin Policy protections and execute unauthorized tool...