Security Advisory

CVE-2026-1471

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 16:30:24

Last updated 2026-03-11 20:09:18

Assigner Neo4j

State PUBLISHED

Description

Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO (UserInfo endpoint). We recommend upgrading to versions 2026.01.4 (or 5.26.22) where the issue is fixed.

← Browse all CVEs View on cve.org ↗