Description

Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.node_labels were concatenated directly into Cypher label expressions without validation. In MCP deployments, this was exploitable not only through direct untrusted access to the Graphiti MCP server, but also through prompt injection against an LLM client that could be induced to call search_nodes with attacker-controlled entity_types values. The MCP server mapped entity_types to SearchFilters.node_labels, which then reached the vulnerable Cypher construction path. Affected backends included Neo4j, FalkorDB, and Neptune. Kuzu was not affected by the label-injection issue because it used parameterized label handling rather than string-interpolated Cypher labels. This issue was mitigated in 0.28.2.

INFO

Published Date :

2026-03-12T19:11:29.857Z

Last Modified :

2026-03-13T16:17:58.625Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-32247 vulnerability.

Vendors Products
Getzep
  • Graphiti
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-32247.

URL Resource
https://github.com/getzep/graphiti/commit/7d65d5e77e89a199a62d737634eaa26dbb04d037 cve-icon cve-icon
https://github.com/getzep/graphiti/pull/1312 cve-icon cve-icon
https://github.com/getzep/graphiti/releases/tag/v0.28.2 cve-icon cve-icon
https://github.com/getzep/graphiti/security/advisories/GHSA-gg5m-55jj-8m5g cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact