Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Enumeration of restricted property value
Vulnerability Description
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database. The vulnerability allows attacker without read access to a property to infer information about its value by trying to enumerate all possible values through observing error messages of SET property. We recommend upgrading to 2025.11.2 or 5.26.17 and above, where the issues is fixed.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Neo4j Enterprise Edition 安全漏洞
Vulnerability Description
Neo4j Enterprise Edition是美国Neo4j公司的一款图数据库。 Neo4j Enterprise Edition 2025.11.2之前版本和5.26.17之前版本存在安全漏洞,该漏洞源于攻击者可通过观察错误消息枚举属性值,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A