Is Mcp Neo4j Cypher safe to use?

Mcp Neo4j Cypher has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Mcp Neo4j Cypher?

Install Mcp Neo4j Cypher via pip: `pip install mcp-neo4j-cypher`. Then configure it in your MCP client.

What AI clients work with Mcp Neo4j Cypher?

Mcp Neo4j Cypher is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Mcp Neo4j Cypher

A simple Neo4j MCP server

UnknownNot tested

Data

PyPI

25DNo CVEsunknown

Quick Install

{
  "mcpServers": {
    "mcp-neo4j-cypher": {
      "command": "uvx",
      "args": [
        "mcp-neo4j-cypher"
      ]
    }
  }
}

Setup guide

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-neo4j-cypher)](https://mcppedia.org/s/mcp-neo4j-cypher)

Should you use this server?

A simple Neo4j MCP server

✓

Is it safe?

No known CVEs for mcp-neo4j-cypher. 1 previously resolved.

No authentication — any process on your machine can connect.

License not specified.

Is it maintained?

Commit history unknown.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'mcp-neo4j-cypher' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Score Breakdown

MCPpedia Score

Click each category to see evidence

25D

Last scored 20h ago

How we score →

Security

20/30

No open vulnerabilities. 1 fixed CVE.

✓

Known CVEs — No known CVEs for mcp-neo4j-cyphercheck OSV.dev

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability — Tool definitions stable

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

○

Dependency health — found on deps.dev, recently updated

✗

License — No license specified

○

Authentication — No authentication required

○

Repository — active repo

Advisories (0 open, 1 fixed)

mediumCVSS 4CVE-2025-10193Fixed

Neo4j Cypher MCP server is vulnerable to DNS rebinding

### Impact DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend sufficient time there for DNS rebinding to succeed. ### Patches CORS Middleware added to Cypher MCP server v0.4.0 that blocks all web-based access by default. ### Workarounds If you cannot u

Affected: >= 0.2.2Fixed in 0.4.0Published Sep 11, 2025source \u2192

CVEs checked daily via OSV.dev. Score algorithm is open source.

Reviews

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Neo4j Cypher safe to use?: Mcp Neo4j Cypher has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Mcp Neo4j Cypher?: Install Mcp Neo4j Cypher via pip: `pip install mcp-neo4j-cypher`. Then configure it in your MCP client.
What AI clients work with Mcp Neo4j Cypher?: Mcp Neo4j Cypher is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

MCP Security Weekly

Get CVE alerts and security updates for Mcp Neo4j Cypher and similar servers.

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?