Neo4j — Vulnerabilities & Security Advisories (10)

Browse all 10 CVE security advisories affecting Neo4j. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Neo4j serves as a graph database platform primarily used for relationship-based data analysis and complex query processing. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from authentication bypass flaws and insecure default configurations. While no major public security incidents have been widely documented, the platform's 10 recorded CVEs highlight potential risks in areas like authentication mechanisms and API security. Its security characteristics include built-in encryption and role-based access controls, though implementations require careful configuration to prevent unauthorized access to sensitive graph data structures.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-1471 | Caching of authentication context — Enterprise edition | CWE-863 | 6.5 (AI) | Medium (AI) | 2026-03-11 |
| CVE-2026-1524 | Auth misconfiguration when multiple providers enabled — Enterprise Edition | CWE-863 | 7.2 (AI) | High (AI) | 2026-03-11 |
| CVE-2026-1497 | Incorrect privilege assignment in composite databases — Enterprise Edition | CWE-863 | 9.8 (AI) | Critical (AI) | 2026-03-11 |
| CVE-2026-1337 | Insufficient escaping of unicode characters in query log — Enterprise Edition | CWE-117 | 6.1 (AI) | Medium (AI) | 2026-02-06 |
| CVE-2026-1622 | Unredacted data exposure in query.log — Enterprise Edition | CWE-532 | 3.3 (AI) | Low (AI) | 2026-02-04 |
| CVE-2025-12738 | Enumeration of restricted property value — Enterprise Edition | CWE-200 | 4.3 (AI) | Medium (AI) | 2026-01-22 |
| CVE-2025-11602 | Untargeted information leak in Bolt protocol handshake — Enterprise Edition | CWE-226 | 5.3 | - | 2025-10-31 |
| CVE-2025-10193 | Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks — neo4j-cypher MCP server | CWE-346 | 9.3 (AI) | Critical (AI) | 2025-09-11 |
| CVE-2024-34517 | Neo4j security vulnerability — Neo4j | CWE-471 | 6.5 | Medium | 2024-05-07 |
| CVE-2023-23926 | Neo4j code issue vulnerability — apoc | CWE-611 | 5.9 | Medium | 2023-02-16 |

This page lists every published CVE security advisory associated with Neo4j. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.