org.neo4j:neo4j
Maven3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.neo4j:neo4jpage 1 of 1
- CVE-2013-7259NONECVSS 0.0EG 0.0✓ Fixed in 2.2.0-M012014-04-29
vulnerable: 1.2 ... 2.1.8 (96 versions)
Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J 1.9.2 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary code, as demonstrated by a request to (1) db/data/ext/Greml…
- CVE-2021-34371CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.5.02021-08-05
vulnerable: 1.2 ... 3.5.0-rc01 (263 versions)
Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies w…
- CVE-2026-1622MEDIUMCVSS 4.8EG 0.0✓ Fixed in 2026.01.32026-02-04
vulnerable: 2025.01.0 ... 2025.12.1 (16 versions)
Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscate_literals" option in the query lo…
Check whether org.neo4j:neo4j is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.neo4j:neo4j CVEs against the assets you own.
Start Free Scan →