CVE-2026-1337 PoC — Neo4j 安全漏洞

Source

https://github.com/JoakimBulow/CVE-2026-1337

Associated Vulnerability

Title:Neo4j 安全漏洞 (CVE-2026-1337)
Description:Neo4j是美国Neo4j公司的一款基于Java的且完全兼容ACID的图形数据库，它支持数据迁移、附加组件等。 Neo4j Enterprise和Neo4j Community 2026.01之前版本存在安全漏洞，该漏洞源于查询日志中Unicode字符转义不足，如果用户在将日志视为HTML的工具中打开日志，可能导致跨站脚本。

Description

CVE-2026-1337 - Neo4j - Log Injection

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!