VYPR

Packagist (Composer) package

neuron-core/neuron-ai

pkg:composer/neuron-core/neuron-ai

Vulnerabilities (2)

  • CVE-2025-67509Dec 10, 2025
    affected < 2.8.12fixed 2.8.12

    Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the firs

  • CVE-2025-67510Dec 10, 2025
    affected < 2.8.12fixed 2.8.12

    Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but