Neo4j 5.x — End of Life
Active Critical risk EOL: Jun 6, 2028in 723d26 releases in this series104 CVEs
Neo4j 5.x — All releases
| Version | Released | Active support | EOL date | Latest patch | Status |
|---|---|---|---|---|---|
| 5.26LTS | Dec 6, 2024 | — | Jun 6, 2028 | 5.26.26 | Active |
| 5.25 | Oct 31, 2024 | — | Dec 6, 2024 | 5.25.1 | EOL |
| 5.24 | Sep 27, 2024 | — | Oct 31, 2024 | 5.24.2 | EOL |
| 5.23 | Aug 22, 2024 | — | Sep 27, 2024 | 5.23.0 | EOL |
| 5.22 | Jul 24, 2024 | — | Aug 22, 2024 | 5.22.0 | EOL |
| 5.21 | Jun 28, 2024 | — | Jul 24, 2024 | 5.21.2 | EOL |
| 5.20 | May 23, 2024 | — | Jun 28, 2024 | 5.20.0 | EOL |
| 5.19 | Apr 12, 2024 | — | May 23, 2024 | 5.19.0 | EOL |
| 5.18 | Mar 13, 2024 | — | Apr 12, 2024 | 5.18.1 | EOL |
| 5.17 | Feb 23, 2024 | — | Mar 13, 2024 | 5.17.0 | EOL |
| 5.16 | Jan 22, 2024 | — | Feb 23, 2024 | 5.16.0 | EOL |
| 5.15 | Dec 15, 2023 | — | Jan 22, 2024 | 5.15.0 | EOL |
| 5.14 | Nov 24, 2023 | — | Dec 15, 2023 | 5.14.0 | EOL |
| 5.13 | Oct 23, 2023 | — | Nov 24, 2023 | 5.13.0 | EOL |
| 5.12 | Sep 15, 2023 | — | Oct 23, 2023 | 5.12.0 | EOL |
| 5.11 | Aug 14, 2023 | — | Sep 14, 2023 | 5.11.0 | EOL |
| 5.10 | Jul 19, 2023 | — | Aug 15, 2023 | 5.10.0 | EOL |
| 5.9 | Jun 15, 2023 | — | Jul 19, 2023 | 5.9.0 | EOL |
| 5.8 | May 16, 2023 | — | Jun 15, 2023 | 5.8.0 | EOL |
| 5.7 | Apr 20, 2023 | — | May 16, 2023 | 5.7.0 | EOL |
| 5.6 | Mar 24, 2023 | — | Apr 20, 2023 | 5.6.0 | EOL |
| 5.5 | Feb 16, 2023 | — | Mar 24, 2023 | 5.5.0 | EOL |
| 5.4 | Jan 26, 2023 | — | Feb 16, 2023 | 5.4.0 | EOL |
| 5.3 | Dec 15, 2022 | — | Jan 26, 2023 | 5.3.0 | EOL |
| 5.2 | Nov 21, 2022 | — | Dec 15, 2022 | 5.2.0 | EOL |
| 5.1 | Oct 24, 2022 | — | Nov 21, 2022 | 5.1.0 | EOL |
CVEs affecting Neo4j 5.x (104)
| CVE | Severity | CVSS | EPSS | KEV | Cycle | Description | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.10 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.12 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.9 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.6 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.25 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.23 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.2 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.15 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.20 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.4 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.18 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.8 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.13 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.26 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.7 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.19 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.11 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.1 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.22 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.14 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.24 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.21 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.3 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.5 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.16 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1524 | CRITICAL | 9.8 | 0.09% | — | 5.17 | An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.13 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.26 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.1 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.15 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.11 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.24 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.16 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.9 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.2 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.20 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.23 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.25 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.12 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.10 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.5 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.3 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.14 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.22 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.19 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.7 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.8 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.18 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.6 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.17 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.4 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1471 | MEDIUM | 6.5 | 0.07% | — | 5.21 | Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticat… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.16 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.10 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.1 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.5 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.24 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.3 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.17 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.14 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.11 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.22 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.19 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.13 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.21 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.7 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.4 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.8 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.15 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.18 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.2 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.20 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.23 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.9 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.26 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.25 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.6 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1497 | HIGH | 7.2 | 0.06% | — | 5.12 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.… | Mar 11, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.20 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.6 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.7 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.10 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.24 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.15 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.9 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.5 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.1 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.21 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.8 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.3 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.11 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.12 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.4 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.14 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.23 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.17 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.2 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.22 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.13 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.26 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.25 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.19 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.18 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
| CVE-2026-1337 | MEDIUM | 5.4 | 0.01% | — | 5.16 | Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can… | Feb 6, 2026 |
Neo4j 5.x will reach end of life — migrate to Neo4j 2025.x
Neo4j 2025.x is the next major release. Plan your upgrade before Neo4j 5.x stops receiving security patches.
Frequently asked questions
Is Neo4j 5 end of life?
Partially. Some Neo4j 5.x releases have reached EOL. Check the version table above for the exact status of each sub-release.
What CVEs affect Neo4j 5?
There are 104 CVEs tracked for Neo4j 5.x, including 26 critical severity issues. See the full list above with CVSS and EPSS scores.
What is the latest Neo4j 5 version?
The latest Neo4j 5.x patch release is 5.26.26, released on May 11, 2026. Always run the latest patch to benefit from all security fixes.
How to migrate from Neo4j 5 to Neo4j 2025?
To migrate from Neo4j 5 to Neo4j 2025: (1) review the official Neo4j 2025 migration guide for breaking changes, (2) update dependencies and configuration accordingly, (3) test thoroughly in a staging environment, (4) deploy with a rollback plan. Starting early gives you time to resolve compatibility issues before your current version reaches end of life.
Is it safe to run Neo4j 5 in production?
Neo4j 5 is still supported and safe for production use until June 6, 2028. Ensure you are running the latest patch version (5.26.26) to have all security fixes applied.
Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA