Information disclosure in Neo4j Enterprise Edition
CVE-2025-12738
Neo4j Enterprise edition versions prior to 2025.11.2 and 5.26.17 are vulnerable to a potential information disclosure by an attacker who has some legitimate access to the database. The vulnerability allows attacker without read access to a…
Vulnerability class: Information Disclosure
EPSS: 0.000 (7.1th percentile) — read the EPSS interpretation.
Affected products
- Neo4j Enterprise Edition — versions 0
Weakness classification (CWE)
References
- neo4j.com/security/CVE-2025-12738 (vendor-advisory)