Graphiti fixed a Cypher injection vulnerability affecting non-Kuzu backends. If you're running versions before 0.28.2, upgrade immediately to patch the security gap.

Eliminate Cypher injection risk in Graphiti by upgrading to v0.28.2 and validating filter behavior in your specific deployment.
Signal analysis
Graphiti versions prior to 0.28.2 contained a Cypher injection vulnerability in how search filters are constructed for non-Kuzu database backends. An attacker who controls a filter value could break out of the intended predicate and append Cypher of their own, reading nodes outside the requested scope or, if the database account permits it, modifying or deleting data.
The vulnerability specifically affects the search-filter construction layer - the code responsible for translating user input into database queries. Non-Kuzu backends (like Neo4j) that rely on Cypher as their query language are the primary exposure vector.
If you're using Graphiti for knowledge graph operations with Neo4j or other non-Kuzu Cypher-based backends, you need to treat this as a critical security patch. Search filters are fundamental to how applications retrieve and filter graph data - this is not peripheral infrastructure, it's core functionality.
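The bug class described above, reduced to its essentials. This is an added illustration and not Graphiti's own code: the `Entity` label, the `group_id`/`name` fields and the allow-list are made up. The vulnerable builder splices the filter value into the statement text; the hardened one allow-lists the field name and hands the value to the driver as a query parameter (`session.run(query, params)` with the official neo4j Python driver), so the database only ever sees it as data.

```python
"""Unsafe vs. parameterized Cypher filter construction.

Added illustration of the bug class, not Graphiti's own code. The label,
property names and allow-list below are hypothetical.
"""
import re
from typing import Dict, Tuple

# Hypothetical allow-list: public filter field -> Cypher property expression.
ALLOWED_FIELDS: Dict[str, str] = {
    "group_id": "n.group_id",
    "name": "n.name",
}


def build_filter_unsafe(field: str, value: str) -> str:
    """Vulnerable pattern: caller-controlled text is spliced into the query.

    Both the field name and the value become Cypher source, so a value that
    closes the string literal can append arbitrary clauses.
    """
    return f"MATCH (n:Entity) WHERE n.{field} = '{value}' RETURN n"


def build_filter_safe(field: str, value: str) -> Tuple[str, Dict[str, str]]:
    """Hardened pattern: allow-listed field, value sent as a query parameter.

    The returned (query, params) pair is what you hand to the driver; the
    value travels as a parameter and is never parsed as Cypher.
    """
    try:
        prop = ALLOWED_FIELDS[field]
    except KeyError:
        raise ValueError(f"unsupported filter field: {field!r}") from None
    query = f"MATCH (n:Entity) WHERE {prop} = $value RETURN n"
    return query, {"value": value}


def count_clause(query: str, keyword: str) -> int:
    """Count occurrences of a Cypher keyword in the statement text."""
    return len(re.findall(rf"\b{keyword}\b", query, flags=re.IGNORECASE))


# A value that closes the literal, widens the predicate to every node and
# appends its own RETURN; the trailing '//' comments out the original tail.
PAYLOAD = "x' OR true RETURN n //"

if __name__ == "__main__":
    unsafe = build_filter_unsafe("group_id", PAYLOAD)
    safe_query, safe_params = build_filter_safe("group_id", PAYLOAD)
    print(unsafe)                      # payload is now part of the statement
    print(safe_query, safe_params)     # payload stays inside a parameter
    print(count_clause(unsafe, "RETURN"), count_clause(safe_query, "RETURN"))
```

The allow-list matters as much as the parameter: Cypher parameters can carry values but not identifiers, so a field name taken from the caller has to be mapped through a fixed table rather than interpolated.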
The fix itself is straightforward: upgrade to 0.28.2. But the real work is audit-driven. You need to assess whether any untrusted input passed through search filters during the vulnerable period. This matters more if you're running production applications that accept user-generated search parameters.
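A starting point for that audit, added here and not part of the advisory or the project: a scan over request logs that recorded the raw filter values, flagging values that carry a quote followed by a Cypher keyword, a comment marker or a statement separator. The JSON-lines log format and the sample records are constructed for the example; adapt the field names to whatever your application actually logs.

```python
"""Triage log records for filter values that look like Cypher injection.

Added example, not project tooling. The log format and sample lines are
constructed; real deployments will need the field names adjusted.
"""
import json
import re
from typing import Dict, List

# Constructed sample: one JSON object per request, with the raw filters.
SAMPLE_LOG = """\
{"ts":"2025-11-02T10:00:01Z","user":"alice","filters":{"group_id":"team-a"}}
{"ts":"2025-11-02T10:00:07Z","user":"bob","filters":{"name":"O'Brien"}}
{"ts":"2025-11-02T10:01:13Z","user":"anon","filters":{"group_id":"x' OR true RETURN n //"}}
{"ts":"2025-11-02T10:02:44Z","user":"anon","filters":{"name":"a' CALL db.labels() YIELD label RETURN label //"}}
"""

# Things that have no business inside a plain filter value: a quote that is
# immediately followed by Cypher syntax, a comment marker, or a separator.
SUSPICIOUS = re.compile(
    r"""
    ['"`]\s*(?:OR|AND|RETURN|WITH|MATCH|CALL|CREATE|MERGE|SET|REMOVE
              |DELETE|DETACH|UNION|UNWIND|LOAD)\b
    | //            # Cypher line comment
    | /\*           # Cypher block comment
    | ;             # statement separator
    """,
    re.IGNORECASE | re.VERBOSE,
)


def scan_log(text: str) -> List[Dict[str, str]]:
    """Return one hit per suspicious filter value, with who sent it and when."""
    hits: List[Dict[str, str]] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        for field, value in rec.get("filters", {}).items():
            if isinstance(value, str) and SUSPICIOUS.search(value):
                hits.append({"ts": rec["ts"], "user": rec["user"],
                             "field": field, "value": value})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Treat the output as a triage list, not a verdict: a legitimate value such as a URL contains `//` and will be flagged, while an apostrophe in a name like O'Brien is not, because nothing Cypher-like follows it. Any hit from before the upgrade is worth replaying (safely, against the patched build) to see what the original query would have done.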
For teams building graph-based RAG systems or AI retrieval layers on top of Graphiti, filter injection could mean attacker-controlled or out-of-scope context being fed to your models - a compounding security issue, since a model will treat whatever the retriever returns as ground truth.
The upgrade path is dependency-specific. Graphiti is a Python package, so if it is pinned in your requirements.txt, pyproject.toml or lock file, bump the constraint to >=0.28.2 and regenerate the lock. If you consume it through a larger AI framework, check which Graphiti version that framework resolves and whether it has already been updated upstream.
Before rolling out to production, test the upgrade in a staging environment that mirrors your real data and query patterns. An injection fix typically changes how filter values are placed into the query (for example, moving them from interpolated text to query parameters), so values containing quotes, backslashes or other special characters are the cases most likely to behave differently. Verify that your most common search filter operations, including such values, still return the expected results.
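A small check for the dependency side of that procedure, added here and not project tooling. It classifies requirement pins as "safe" only when every version they admit is at or above the fixed release, and reports loose or unpinned requirements as "vulnerable" because they may still resolve to an old build from a stale lock or cache. It assumes the PyPI distribution is named graphiti-core and that 0.28.2 is the first fixed release; confirm both against the project's release notes before relying on it.

```python
"""Flag dependency pins that still admit a vulnerable Graphiti release.

Added example, not project tooling. Assumes the distribution is named
graphiti-core and that 0.28.2 is the first fixed version.
"""
import re
from importlib import metadata
from typing import List, Optional, Tuple

PACKAGE = "graphiti-core"      # assumed distribution name
FIXED = (0, 28, 2)             # first release with the fix, per the advisory

# name, optional [extras], remaining specifier text, optional trailing comment
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*(.*?)\s*(?:#.*)?$")
_SPEC = re.compile(r"(==|>=|~=|>|<=|<|!=)\s*(\d+)\.(\d+)(?:\.(\d+))?")

# Constructed sample requirements file.
SAMPLE_REQUIREMENTS = """\
# constructed sample
neo4j>=5.0
graphiti-core==0.27.0            # explicit old pin
graphiti_core[neo4j]>=0.25,<0.30 # lower bound too low
"""


def _norm(name: str) -> str:
    """Normalize a distribution name the way pip does (case, -, _, .)."""
    return re.sub(r"[-_.]+", "-", name).lower()


def pin_status(line: str) -> Optional[str]:
    """Classify one requirements line: None, "safe" or "vulnerable".

    "safe" requires a lower bound (==, >=, ~=, or > at/above FIXED) that rules
    out every vulnerable version; anything looser is conservatively flagged.
    """
    m = _REQ.match(line)
    if not m or _norm(m.group(1)) != _norm(PACKAGE):
        return None
    for op, major, minor, patch in _SPEC.findall(m.group(3)):
        ver = (int(major), int(minor), int(patch or 0))
        if op in ("==", ">=", "~=", ">") and ver >= FIXED:
            return "safe"
    return "vulnerable"


def scan_requirements(text: str) -> List[Tuple[str, str]]:
    """Return (line, status) for every line that references PACKAGE."""
    out = []
    for line in text.splitlines():
        status = pin_status(line)
        if status is not None:
            out.append((line.strip(), status))
    return out


def installed_status() -> Optional[str]:
    """Check what the current interpreter would actually import; None if absent."""
    try:
        installed = metadata.version(PACKAGE)
    except metadata.PackageNotFoundError:
        return None
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", installed)
    if not m:
        return "vulnerable"   # unparseable version: do not assume it is fixed
    return "safe" if tuple(int(x) for x in m.groups()) >= FIXED else "vulnerable"


if __name__ == "__main__":
    for line, status in scan_requirements(SAMPLE_REQUIREMENTS):
        print(f"{status:11s} {line}")
    print("installed:", installed_status())
```

The installed check is the one that matters for a running service: a correct pin in the repository does nothing until the environment that serves traffic has been rebuilt from it.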
This is responsible disclosure working as intended: the vulnerability was found, patched and published with upgrade guidance. What is notable is that injection bugs in database abstraction layers remain a recurring risk even in modern tooling. If you build on Graphiti, a security review of how filter parameters reach the query builder should be part of your evaluation checklist.
For teams considering Graphiti for AI knowledge graph applications, this incident doesn't disqualify the tool - it demonstrates proper vulnerability handling. What matters is your own defense-in-depth: parameterized queries, input validation on your side, and principle-of-least-privilege database accounts.