CVE-2026-32247HIGH 8.1EPSS p26.1%

CVE-2026-32247CVE-2026-32247

Description

Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.node_labels were concatenated directly into Cypher label expressions without validation. In MCP deployments, this was exploitable not only through direct untrusted access to the Graphiti MCP server, but also through prompt injection against an LLM client that could be induced to call search_nodes with attacker-controlled entity_types values. The MCP server mapped entity_types to SearchFilters.node_labels, which then reached the vulnerable Cypher construction path. Affected backends included Neo4j, FalkorDB, and Neptune. Kuzu was not affected by the label-injection issue because it used parameterized label handling rather than string-interpolated Cypher labels. This issue was mitigated in 0.28.2.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS0.34% probability of exploitation · percentile 26.1% · 2026-06-18T12:00:27Z
Published2026-03-12
Last modified2026-03-18

Underlying weaknesses· 1

CWE-943

References

  1. https://github.com/getzep/graphiti/commit/7d65d5e77e89a199a62d737634eaa26dbb04d037
  2. https://github.com/getzep/graphiti/pull/1312
  3. https://github.com/getzep/graphiti/releases/tag/v0.28.2
  4. https://github.com/getzep/graphiti/security/advisories/GHSA-gg5m-55jj-8m5g

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements in Data Query Logiccwe-9430%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-33286
CVE
CVE-2026-41274
CVE
CVE-2025-8279
CVE
CVE-2026-40967
CVE
CVE-2026-22744
CVE
CVE-2026-41327
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.