Neo4j 2025.x — End of Life
EOL Critical risk EOL: Feb 3, 202612 releases in this series48 CVEs
Neo4j 2025.x — All releases
| Version | Released | Active support | EOL date | Latest patch | Status |
|---|---|---|---|---|---|
| 2025.12 | Jan 16, 2026 | — | Feb 3, 2026 | 2025.12.1 | EOL |
| 2025.11 | Dec 19, 2025 | — | Jan 16, 2026 | 2025.11.2 | EOL |
| 2025.10 | Oct 30, 2025 | — | Dec 19, 2025 | 2025.10.1 | EOL |
| 2025.09 | Sep 29, 2025 | — | Oct 30, 2025 | 2025.09.0 | EOL |
| 2025.08 | Aug 27, 2025 | — | Sep 29, 2025 | 2025.08.0 | EOL |
| 2025.07 | Jul 31, 2025 | — | Aug 15, 2025 | 2025.07.1 | EOL |
| 2025.06 | Jul 2, 2025 | — | Jul 31, 2025 | 2025.06.2 | EOL |
| 2025.05 | Jun 3, 2025 | — | Jul 2, 2025 | 2025.05.1 | EOL |
| 2025.04 | Apr 30, 2025 | — | Jun 3, 2025 | 2025.04.0 | EOL |
| 2025.03 | Mar 27, 2025 | — | Apr 30, 2025 | 2025.03.0 | EOL |
| 2025.02 | Feb 27, 2025 | — | Mar 27, 2025 | 2025.02.0 | EOL |
| 2025.01 | Feb 6, 2025 | — | Feb 27, 2025 | 2025.01.0 | EOL |
CVEs affecting Neo4j 2025.x (48)
| CVE | Severity | CVSS | EPSS | KEV | Cycle | Description | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.01 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.07 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.08 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.06 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.04 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.03 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.10 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.11 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.05 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.09 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.02 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 2025.12 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.11 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.12 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.10 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.04 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.01 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.08 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.06 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.02 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.09 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.03 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.07 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 2025.05 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.08 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.06 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.11 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.03 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.10 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.09 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.02 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.12 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.04 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.01 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.05 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 2025.07 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.02 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.09 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.06 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.01 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.10 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.03 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.07 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.05 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.08 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.12 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.11 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 2025.04 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
Neo4j 2025.x is EOL — migrate to Neo4j 2026.x
Neo4j 2026.x is the next major release. Plan your upgrade before Neo4j 2025.x stops receiving security patches.
Frequently asked questions
Is Neo4j 2025 end of life?
Yes. All Neo4j 2025.x releases have reached end of life and no longer receive security patches. There are 48 known CVEs affecting Neo4j 2025.x, including 12 critical. Migrate to Neo4j 2026.x as soon as possible.
What CVEs affect Neo4j 2025?
There are 48 CVEs tracked for Neo4j 2025.x, including 12 critical severity issues. See the full list above with CVSS and EPSS scores.
What is the latest Neo4j 2025 version?
The latest Neo4j 2025.x patch release is 2025.12.1, released on January 14, 2026. Always run the latest patch to benefit from all security fixes.
How to migrate from Neo4j 2025 to Neo4j 2026?
To migrate from Neo4j 2025 to Neo4j 2026: (1) review the official Neo4j 2026 migration guide for breaking changes, (2) update dependencies and configuration accordingly, (3) test thoroughly in a staging environment, (4) deploy with a rollback plan. Starting early gives you time to resolve compatibility issues before your current version reaches end of life.
Is it safe to run Neo4j 2025 in production?
No. Neo4j 2025 has reached end of life and security vulnerabilities are no longer patched. Upgrade to a supported version immediately.
Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA