CNNVD-202509-1661 Information
CNNVD ID
CNNVD-202509-1661
Related CVE
- CNNVD Published: 2025-09-11
Description (Chinese)
Neo4j MCP Clients & Servers是Neo4j Contrib开源的一个用于管理大语言模型上下文的协议。 Neo4j MCP Clients & Servers存在安全漏洞,该漏洞源于DNS重绑定漏洞,可能导致绕过同源策略保护并执行未经授权的工具调用。
Description (English)
Neo4j MCP Clits & Servers is an agreement for managing the context of large language models from the Neo4j Contrib open source. Neo4j MCP Clits & Servers has a security loophole, which stems from the re-locking of the DNS and may lead to the protection and implementation of unauthorized tools around the same source strategy.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Nepstech
Published
2025-09-11
Last Modified
2026-02-24
References
https://neo4j.com/security/cve-2025-10193 https://github.com/neo4j-contrib/mcp-neo4j/security/advisories/GHSA-vcqx-v2mg-7chx https://github.com/neo4j-contrib/mcp-neo4j/releases/tag/mcp-neo4j-cypher-v0.4.0 https://access.redhat.com/security/cve/cve-2025-10193
Patch
https://github.com/neo4j-contrib/mcp-neo4j/releases
Share on: