Description
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0.
Related CPE's
a
apache
camel
3
References
https://camel.apache.org/security/CVE-2025-66169.html
Mailing ListVendor AdvisoryIssue Tracking
http://www.openwall.com/lists/oss-security/2026/01/13/5
Mailing ListThird Party Advisory
Weaknesses
134c704f-9b21-4f2e-91b3-4a467353bcc0
Secondary
CWE-89
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 · Medium
Information
Source identifier
Vulnerability status
Analyzed
Published
2026-01-14T12:16:32.257Z
2 days agoLast modified
2026-01-16T14:29:11.873Z
4 hours ago