CVE-2026-42156

Sažetak

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a node with a malicious type that can escape an existing Cypher query and an adversary can execute an arbitrary Cypher query. This vulnerability is fixed in 1.2.3.

Reference

https://github.com/reconurge/flowsint/security/advisories/GHSA-h5m2-c2c5-968p
https://github.com/reconurge/flowsint/security/advisories/GHSA-h5m2-c2c5-968p

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

13-05-2026 - 16:10

Objavljeno

12-05-2026 - 23:16