CVE-2025-66169 Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component

🗓️ 14 Jan 2026 11:45:20Reported by apacheType

CVE-2025-66169 Cypher injection in Camel Neo4j; affected versions and upgrades advised.

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2025-66169	14 Jan 202611:45	–	attackerkb
Circl	CVE-2025-66169	13 Jan 202615:27	–	circl
CNNVD	Apache Camel 安全漏洞	14 Jan 202600:00	–	cnnvd
CVE	CVE-2025-66169	14 Jan 202611:45	–	cve
EUVD	EUVD-2026-2447	14 Jan 202611:45	–	euvd
Github Security Blog	Apache Camel camel-neo4j component is vulnerable to cypher injection	14 Jan 202612:31	–	github
NVD	CVE-2025-66169	14 Jan 202612:16	–	nvd
OSV	CVE-2025-66169	14 Jan 202612:16	–	osv
OSV	GHSA-4JRW-64VR-7G8M Apache Camel camel-neo4j component is vulnerable to cypher injection	14 Jan 202612:31	–	osv
Positive Technologies	PT-2026-2851	14 Jan 202600:00	–	ptsecurity

[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.camel:camel-neo4j",
    "product": "Apache Camel Neo4j",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "4.10.8",
        "status": "affected",
        "version": "4.10.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.14.3",
        "status": "affected",
        "version": "4.14.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.17.0",
        "status": "affected",
        "version": "4.15.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
camel	www.camel.apache.org/security/CVE-2025-66169.html

14 Jan 2026 11:45Current

EPSS0.00613