PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-55615 langroid CVE debrief

The CVE record was published on 2026-07-10T00:16:33.867Z and has not been modified since then. The NVD entry is currently Received. This critical vulnerability in Langroid's Neo4jChatAgent allows attackers to inject malicious Cypher queries, potentially leading to unauthorized data access or modification, and in some cases, OS-command and filesystem access if APOC or dbms.security procedures are enabled on the server. The vulnerability is influenceable by prompt injection, and an attacker who can influence the prompt can read or destroy all graph data.

Vendor
langroid
Product
Unknown
CVSS
CRITICAL 9.2
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-10
Original CVE updated
2026-07-10
Advisory published
2026-07-10
Advisory updated
2026-07-10

Who should care

Users of Langroid's Neo4jChatAgent feature, especially those with APOC or dbms.security procedures enabled on their Neo4j server, should be aware of this critical vulnerability. Affected operators, platforms, and vulnerability-management teams should prioritize immediate attention, especially in environments where Neo4j servers are exposed to untrusted inputs.

Technical summary

CVE-2026-55615 is a critical vulnerability in Langroid's Neo4jChatAgent. Prior to version 0.65.5, the agent passes LLM-generated Cypher queries directly to the Neo4j driver without validation, allowlisting, or opt-out mechanisms. This allows attackers to inject malicious Cypher queries, potentially leading to unauthorized data access or modification, and in some cases, OS-command and filesystem access if APOC or dbms.security procedures are enabled on the server. The vulnerability is influenceable by prompt injection, and an attacker who can influence the prompt can read or destroy all graph data.

Defensive priority

This vulnerability should be prioritized for immediate attention, especially in environments where Neo4j servers are exposed to untrusted inputs or where APOC or dbms.security procedures are enabled.

Recommended defensive actions

  • Update Langroid to version 0.65.5 or later
  • Review and restrict Neo4j driver permissions
  • Monitor Neo4j server logs for suspicious activity
  • Implement additional input validation and sanitization for Cypher queries
  • Consider disabling APOC or dbms.security procedures if not required
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record and NVD entry provide details about the vulnerability. Langroid's GitHub repository contains information about the fix in version 0.65.5. Evidence limits suggest that Langroid's Neo4jChatAgent feature may be vulnerable to prompt injection attacks, which could lead to unauthorized data access or modification. Defenders should verify the affected scope, severity, and vendor guidance. The vulnerability allows attackers to inject malicious Cypher queries, potentially leading to OS-command and filesystem access if APOC or dbms.security procedures are enabled on the server.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T00:16:33.867Z and has not been modified since then. The NVD entry is currently Received.