CVE-2026-1471
2026-03-11
3b236295-4ccd-4a1f-a1c1-a72eecc8d7b6
Lifecycle Timeline
2
Analysis Generated
Mar 12, 2026 - 22:06 vuln.today
CVE Published
Mar 11, 2026 - 17:16 nvd
N/A
Description
Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO (UserInfo endpoint). We recommend upgrading to versions 2026.01.4 (or 5.26.22) where the issue is fixed.
Analysis
Excessive caching of authentication context in Neo4j Enterprise edition versions up to 2026.01.4 is affected by incorrect authorization.
Sign in for full analysis, threat intelligence, and remediation guidance.
Priority Score
0
Low
Medium
High
Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).