Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtain sensitive information or execute arbitrary commands via the SSE service. NOTE: the Supplier's position is that authentication is not mandatory for MCP servers, and the mcp-neo4j MCP server is only intended for use in a local environment where authentication realistically would not be needed. Also, the Supplier provides middleware to help isolate the MCP server from external access (if needed).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Neo4j MCP Clients & Servers 安全漏洞
Vulnerability Description
Neo4j MCP Clients & Servers是Neo4j Contrib开源的一个用于管理大语言模型上下文的协议。 Neo4j MCP Clients & Servers 0.3.0版本存在安全漏洞,该漏洞源于SSE服务,可能导致敏感信息泄露或执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A