From 03d4c19ed58e1d2398906c3cf0917c35380da37a Mon Sep 17 00:00:00 2001
From: Josema Camacho <josema@prowler.com>
Date: Thu, 22 Jan 2026 13:45:35 +0100
Subject: [PATCH] fix: remove `None` databases name for removing provider Neo4j
 databases (#9858)

---
 api/CHANGELOG.md                                  |  8 +++++++-
 .../backend/api/attack_paths/retryable_session.py |  1 +
 .../backend/tasks/jobs/attack_paths/db_utils.py   | 15 +++++++++++----
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md
index d7986bc15a..608033ce8c 100644
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
@@ -2,6 +2,13 @@
 
 All notable changes to the **Prowler API** are documented in this file.
 
+## [1.18.1] (Prowler v5.17.1)
+
+### Changed
+
+- Improve API startup process by `manage.py` argument detection [(#9856)](https://github.com/prowler-cloud/prowler/pull/9856)
+- Deleting providers don't try to delete a `None` Neo4j database when an Attack Paths scan is scheduled [(#9858)](https://github.com/prowler-cloud/prowler/pull/9858)
+
 ## [1.18.0] (Prowler v5.17.0)
 
 ### Added
@@ -19,7 +26,6 @@ All notable changes to the **Prowler API** are documented in this file.
 - `pyasn1` to v0.6.2 to address [CVE-2026-23490](https://nvd.nist.gov/vuln/detail/CVE-2026-23490) [(#9818)](https://github.com/prowler-cloud/prowler/pull/9818)
 - `django-allauth[saml]` to v65.13.0 to address [CVE-2025-65431](https://nvd.nist.gov/vuln/detail/CVE-2025-65431) [(#9575)](https://github.com/prowler-cloud/prowler/pull/9575)
 
-
 ---
 
 ## [1.17.1] (Prowler v5.16.1)
diff --git a/api/src/backend/api/attack_paths/retryable_session.py b/api/src/backend/api/attack_paths/retryable_session.py
index 026751a616..05d0be9c30 100644
--- a/api/src/backend/api/attack_paths/retryable_session.py
+++ b/api/src/backend/api/attack_paths/retryable_session.py
@@ -66,6 +66,7 @@ class RetryableSession:
             except (
                 neo4j.exceptions.ServiceUnavailable,
                 ConnectionResetError,
+                BrokenPipeError,
             ) as exc:  # pragma: no cover - depends on infra
                 last_exc = exc
                 attempt += 1
diff --git a/api/src/backend/tasks/jobs/attack_paths/db_utils.py b/api/src/backend/tasks/jobs/attack_paths/db_utils.py
index 63451ef74d..92f79f6f36 100644
--- a/api/src/backend/tasks/jobs/attack_paths/db_utils.py
+++ b/api/src/backend/tasks/jobs/attack_paths/db_utils.py
@@ -1,6 +1,7 @@
 from datetime import datetime, timezone
 from typing import Any
 
+from django.db.models import Q
 from cartography.config import Config as CartographyConfig
 
 from api.db_utils import rls_transaction
@@ -153,9 +154,15 @@ def get_provider_graph_database_names(tenant_id: str, provider_id: str) -> list[
     Note: For accesing the `AttackPathsScan` we need to use `all_objects` manager because the provider is soft-deleted.
     """
     with rls_transaction(tenant_id):
-        graph_databases_names_qs = ProwlerAPIAttackPathsScan.all_objects.filter(
-            provider_id=provider_id,
-            is_graph_database_deleted=False,
-        ).values_list("graph_database", flat=True)
+        graph_databases_names_qs = (
+            ProwlerAPIAttackPathsScan.all_objects.filter(
+                ~Q(graph_database=""),
+                graph_database__isnull=False,
+                provider_id=provider_id,
+                is_graph_database_deleted=False,
+            )
+            .values_list("graph_database", flat=True)
+            .distinct()
+        )
 
         return list(graph_databases_names_qs)