Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Caching of authentication context
Vulnerability Description
Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO (UserInfo endpoint). We recommend upgrading to versions 2026.01.4 (or 5.26.22) where the issue is fixed.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Neo4j 安全漏洞
Vulnerability Description
Neo4j是美国Neo4j公司的一款基于Java的且完全兼容ACID的图形数据库,它支持数据迁移、附加组件等。 Neo4j Enterprise 2026.01.4之前版本存在安全漏洞,该漏洞源于身份验证环境过度缓存,可能导致经过身份验证的用户继承重启后第一个用户的身份验证环境。
CVSS Information
N/A
Vulnerability Type
N/A