CNNVD-202509-1529 Information
CNNVD ID
CNNVD-202509-1529
Related CVE
- CNNVD Published: 2025-09-10
Description (Chinese)
Neo4j MCP Clients & Servers是Neo4j Contrib开源的一个用于管理大语言模型上下文的协议。 Neo4j MCP Clients & Servers 0.3.0版本存在安全漏洞,该漏洞源于SSE服务,可能导致敏感信息泄露或执行任意命令。
Description (English)
Neo4j MCP Clits & Servers is an agreement for managing the context of large language models from the Neo4j Contrib open source. Neo4j MCP Clits & Servers version 0.3.0 contains a security loophole that originates from SSE services and may lead to the disclosure of sensitive information or the execution of arbitrary orders.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Nepstech
Published
2025-09-10
Last Modified
2026-02-24
References
https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization https://github.com/neo4j-contrib/mcp-neo4j/issues/124 https://github.com/August829/CVEP/issues/1 https://access.redhat.com/security/cve/cve-2025-56406
Patch
https://github.com/neo4j-contrib/mcp-neo4j/releases
Share on: