CVE-2025-66169

Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component

CVSS 5.3 MEDIUMEPSS 0.6%CWE-89

Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Apache Software Foundation · Apache Camel Neo4j

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://camel.apache.org/security/CVE-2025-66169.html http://www.openwall.com/lists/oss-security/2026/01/13/5