Filtered by vendor Neo4j-contrib
                         Subscriptions
                    
                    
                
                    Total
                    1 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2025-56406 | 2 Neo4j, Neo4j-contrib | 2 Neo4j, Mcp-neo4j | 2025-09-16 | 7.5 High | 
| An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtain sensitive information or execute arbitrary commands via the SSE service. NOTE: the Supplier's position is that authentication is not mandatory for MCP servers, and the mcp-neo4j MCP server is only intended for use in a local environment where authentication realistically would not be needed. Also, the Supplier provides middleware to help isolate the MCP server from external access (if needed). | ||||
                            
                                
                                
                                    Page 1 of 1.