What is the CVSS score of CVE-2026-32247?

CVE-2026-32247 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Graphiti are affected by CVE-2026-32247?

A high-severity vulnerability (CVE-2026-32247) in Graphiti with a CVSS score of 8.1 has been publicly disclosed with working exploits available, creating immediate risk to any organization using this…. A patch is available.

Is there a public PoC exploit available for CVE-2026-32247?

Yes, a public proof-of-concept exploit is available for CVE-2026-32247. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-32247?

Within 24 hours: Inventory all systems running Graphiti, assess exposure in production vs. non-production environments, and isolate critical instances if possible. Within 7 days: Implement network segmentation to restrict Graphiti access, deploy WAF rules to block exploit patterns, disable non-essential Graphiti features, and establish enhanced monitoring for suspicious activity. Within 30 days: Evaluate alternative solutions, coordinate with Graphiti vendor for patch timeline, develop a comprehensive remediation plan, and conduct security testing of any workarounds.

Graphiti CVE-2026-32247

HIGH

Improper Neutralization of Special Elements in Data Query Logic (CWE-943)

2026-03-12 security-advisories@github.com

GHSA-gg5m-55jj-8m5g

Code Injection Nosql Injection Graphiti

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

PoC Detected

Mar 18, 2026 - 14:38 vuln.today

Public exploit code

Analysis Generated

Mar 12, 2026 - 19:57 vuln.today

CVE Published

Mar 12, 2026 - 19:16 nvd

HIGH 8.1

DescriptionNVD

Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.node_labels were concatenated directly into Cypher label expressions without validation. In MCP deployments, this was exploitable not only through direct untrusted access to the Graphiti MCP server, but also through prompt injection against an LLM client that could be induced to call search_nodes with attacker-controlled entity_types values. The MCP server mapped entity_types to SearchFilters.node_labels, which then reached the vulnerable Cypher construction path. Affected backends included Neo4j, FalkorDB, and Neptune. Kuzu was not affected by the label-injection issue because it used parameterized label handling rather than string-interpolated Cypher labels. This issue was mitigated in 0.28.2.

AnalysisAI

High severity vulnerability in Graphiti. #

RemediationAI

Within 24 hours: Inventory all systems running Graphiti, assess exposure in production vs. non-production environments, and isolate critical instances if possible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32247 vulnerability details – vuln.today

Back