Vulnerabilities in neo4j
10 results

CVE-2023-23926 | MEDIUM | EPSS 0.9% | APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j. An XML External Entity (XXE) vulnerability found in the apoc.import.grap
CVE-2024-34517 | MEDIUM | EPSS 0.6% | The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin acce
CVE-2025-12738 | LOW | EPSS 0.4% | Enumeration of restricted property value
CVE-2026-1524 | LOW | EPSS 0.3% | Auth misconfiguration when multiple providers enabled
CVE-2025-11602 | MEDIUM | EPSS 0.3% | Untargeted information leak in Bolt protocol handshake
CVE-2026-1471 | LOW | EPSS 0.2% | Caching of authentication context
CVE-2026-1497 | LOW | EPSS 0.2% | Incorrect privilege assignment in composite databases
CVE-2026-1337 | LOW | EPSS 0.2% | Insufficient escaping of unicode characters in query log
CVE-2025-10193 | HIGH | EPSS 0.2% | Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks
CVE-2026-1622 | MEDIUM | EPSS 0.1% | Unredacted data exposure in query.log