
Insight for: (More) serious bugs

Security vulnerabilities in Graphify's `_fetch_tweet` function (SSRF) and Neo4j Cypher export (injection).
Analyzed: Apr 8, 2026
This issue reports two critical security vulnerabilities in Graphify: an SSRF bypass in `_fetch_tweet` and a Cypher injection flaw in the Neo4j export. The SSRF arises because `_fetch_tweet` issues an HTTP request to a user-controlled URL directly, circumventing the protections that the existing `safe_fetch()` mechanism provides. The Cypher injection arises because user-derived labels and relation names are interpolated into statements with insufficient escaping, which allows arbitrary manipulation of the database.

For B2B SaaS, these are severe findings. Exploitable SSRF and injection flaws can lead to data breaches, system compromise, and significant reputational damage. Addressing them immediately is paramount for Graphify's viability, especially as an AI coding assistant that handles sensitive codebases. Failure to prioritize security will severely limit enterprise adoption, since trust and data integrity are non-negotiable requirements for B2B software.
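The Cypher injection the summary describes, beside one way to close it, as an added example that is not Graphify's own code: all function names and the sample input are hypothetical and constructed here. Cypher cannot take labels or relationship types as query parameters, so they are allowlisted, while node ids travel as parameters instead of being escaped into the statement string.

```python
from __future__ import annotations
import re

# Hypothetical names; not Graphify's `to_cypher()`. Cypher cannot take labels or
# relationship types as query parameters, so they are allowlisted instead.
_IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

def naive_node_stmt(node_id: str, label: str) -> str:
    """The weak pattern: only single quotes in the id are escaped, and the
    label is interpolated verbatim, so label text becomes Cypher syntax."""
    escaped_id = node_id.replace("'", "\\'")
    return f"MERGE (n:{label} {{id: '{escaped_id}'}})"

def is_safe_identifier(name: str) -> bool:
    """True only for plain identifiers (letters, digits, underscore)."""
    return _IDENT.fullmatch(name) is not None

def safe_identifier(name: str) -> str:
    if not is_safe_identifier(name):
        raise ValueError(f"refusing to emit label/relation type {name!r}")
    return name

def node_stmt(node_id: str, label: str) -> tuple[str, dict]:
    """Hardened form: validated label; id passed as parameter $id, never
    interpolated, so quotes and backslashes in identifiers need no escaping."""
    return f"MERGE (n:{safe_identifier(label)} {{id: $id}})", {"id": node_id}

def rel_stmt(src_id: str, dst_id: str, rel: str) -> tuple[str, dict]:
    stmt = (f"MATCH (a {{id: $src}}), (b {{id: $dst}}) "
            f"MERGE (a)-[:{safe_identifier(rel)}]->(b)")
    return stmt, {"src": src_id, "dst": dst_id}

def to_cypher(nodes, edges) -> list[tuple[str, dict]]:
    """nodes: (id, label) pairs; edges: (src, dst, relation) triples.
    Returns (statement, parameters) pairs for a parameterized driver call."""
    out = [node_stmt(i, lbl) for i, lbl in nodes]
    out += [rel_stmt(s, d, r) for s, d, r in edges]
    return out

# Constructed sample: source-code identifiers containing a quote and backslashes,
# plus a hostile label of the kind the issue warns about.
SAMPLE_NODES = [("src\\pkg\\mod.py::it's", "Function"), ("pkg.helper", "Function")]
SAMPLE_EDGES = [("src\\pkg\\mod.py::it's", "pkg.helper", "CALLS")]
HOSTILE_LABEL = "X {id:'a'}) DETACH DELETE n;//"

if __name__ == "__main__":
    print(naive_node_stmt("a", HOSTILE_LABEL))  # label text leaks into the query
    for stmt, params in to_cypher(SAMPLE_NODES, SAMPLE_EDGES):
        print(stmt, params)
```

The hardened emitter rejects the hostile label outright, and the quote and backslashes in the constructed identifier reach the database only as parameter values.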
Keywords: SSRF protections; `_fetch_tweet`; `safe_fetch()`; URL validation; redirect re-validation; size caps; `urllib.request.urlopen()`; user input; `oembed_api` URL; `urllib.parse.quote()`; `_detect_url_type()`; `validate_url()`; HTTP request; Neo4j Cypher export; injection-vulnerable `to_cypher()`; Cypher statements string-interpolating node IDs, labels and relation names; single-quote escape; `_make_id()`; source-code identifiers; backslashes; `MATCH (n) DETACH DELETE n;//`
Source: GitHub issue, state: Open