Lucene search
K

4 matches found

OSV
OSV
added 2026/03/27 6:31 a.m.5 views

GHSA-7CJ7-RCW6-P68V Spring AI has a Cypher Injection vulnerability in Neo4jVectorFilterExpressionConverter

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS5.9AI score0.0025EPSS
Exploits0References6
OSV
OSV
added 2025/10/29 10:21 p.m.7 views

GHSA-7P73-8JQX-23R8 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

Summary LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls. Details /langgraph/libs/checkpoint-sqlite/langgraph/store/sqlite/base.py...

7.3CVSS7.2AI score0.00178EPSS
Exploits0References4
PyPA
PyPA
added 2017/12/29 3:29 p.m.6 views

PYSEC-2017-18

Cross-site scripting XSS vulnerability in the keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument...

6.1CVSS6.1AI score0.02216EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2017/12/29 3:29 p.m.2 views

DEBIAN-CVE-2017-16876

Cross-site scripting XSS vulnerability in the keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument...

6.1CVSS6.1AI score0.02216EPSS
Exploits0References1
Rows per page
Query Builder