Platform: java
Component: org.springframework.ai:spring-ai-neo4j-store
Fixed in: 1.0.5, 1.1.4
CVE-2026-22743 describes a Cypher injection vulnerability in the Neo4jVectorFilterExpressionConverter component of Spring AI's spring-ai-neo4j-store. User-controlled strings passed as filter expression keys are not properly sanitized, which allows malicious Cypher code to be injected into the generated query. This can lead to unauthorized data access or manipulation within the Neo4j database. The vulnerability affects Spring AI versions from 1.0.0 before 1.0.5 and from 1.1.0 before 1.1.4; fixes are available in versions 1.0.5 and 1.1.4.
CVE-2026-22743 presents a significant risk to applications using Spring AI with Neo4j integration. An attacker could exploit this Cypher injection vulnerability by supplying a crafted filter expression key to the Neo4jVectorFilterExpressionConverter of the spring-ai-neo4j-store component. When the doKey() method processes this key, it embeds it directly into a Cypher query without escaping backticks, so the attacker can break out of the quoted identifier and inject arbitrary Cypher code. This can lead to unauthorized access to sensitive data stored in the Neo4j graph database: for example, an attacker could retrieve all nodes with a given label, or modify existing data. The blast radius extends to any data reachable through the Neo4j queries the application executes, including user profiles, application configuration, and any other data modelled in the graph. The severity is HIGH (CVSS score 7.5) because of the potential for significant data exposure and manipulation, especially where Neo4j stores critical business information or personally identifiable information (PII). Successful exploitation could result in data breaches, denial of service, or complete compromise of the Neo4j database.
Currently, there are no publicly available exploitation reports or proof-of-concept (PoC) code for CVE-2026-22743, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. However, because this is a Cypher injection flaw, it is potentially exploitable by any attacker familiar with the Cypher query language and Neo4j. The absence of public exploits does not remove the risk, since attackers may be developing exploits privately. Given the HIGH severity rating and the potential impact, patching or an appropriate workaround should be prioritized. The lack of public exploits lowers the immediate urgency somewhat, but proactive remediation is strongly recommended to prevent future exploitation.
Exploit Status
EPSS: 0.06% (18th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-22743 is to upgrade Spring AI to version 1.0.5 or later if you are on the 1.0.x branch, or to version 1.1.4 or later if you are on the 1.1.x branch. These patched versions escape backticks correctly when constructing the Cypher query. If immediate patching is not feasible, a temporary workaround is to strictly validate any user-controlled input used as a filter expression key, rejecting keys that contain backticks or any other characters that are not part of a plain property name. This workaround is not a substitute for patching and should be treated as a stop-gap only. After applying the patch or the workaround, test the application's Neo4j integration thoroughly, in particular with user-provided filter expressions, to confirm that keys are escaped properly and that the generated queries are well-formed.
Update the spring-ai-neo4j-store dependency to version 1.0.5 or higher if you are using the 1.0.x branch, or to version 1.1.4 or higher if you are using the 1.1.x branch. This corrects the Cypher injection vulnerability. Check the release notes for further details about the update.
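The workaround described above (reject any filter key that is not a plain property name) and the root cause (a key concatenated between backticks without escaping) are illustrated by the following added example. It is not Spring AI's code: the class name FilterKeyGuard, the method names, the `node` alias and the sample keys are all hypothetical. The vulnerable builder is shown only so that the output makes visible how an embedded backtick ends the quoted identifier early; the hardened builder validates the key with an allow-list and, as defence in depth, applies the Cypher rule that a backtick inside a backtick-quoted identifier is escaped by doubling it.

```java
import java.util.regex.Pattern;

/**
 * Hypothetical helper (not part of Spring AI) showing the interim
 * control for user-controlled filter-expression keys.
 */
public final class FilterKeyGuard {

    // Allow-list for plain property names: a letter or underscore followed by
    // letters, digits or underscores. This is deliberately narrower than what
    // Neo4j accepts as an identifier.
    private static final Pattern SAFE_KEY = Pattern.compile("^[A-Za-z_][A-Za-z0-9_]*$");

    private FilterKeyGuard() {}

    /** Pre-patch shape of the problem: the key is dropped between backticks verbatim. */
    static String unsafeKeyFragment(String key) {
        return "node.`" + key + "`";
    }

    /** Rejects anything that is not a plain property name, before any query text is built. */
    static String requireSafeKey(String key) {
        if (key == null || !SAFE_KEY.matcher(key).matches()) {
            throw new IllegalArgumentException("Rejected filter key: " + key);
        }
        return key;
    }

    /** Cypher identifier quoting: an embedded backtick is escaped as two backticks. */
    static String quoteIdentifier(String key) {
        return "`" + key.replace("`", "``") + "`";
    }

    /** Hardened equivalent of unsafeKeyFragment: validate first, then quote. */
    static String safeKeyFragment(String key) {
        return "node." + quoteIdentifier(requireSafeKey(key));
    }

    public static void main(String[] args) {
        // Constructed sample keys: two legitimate property names, one with an
        // embedded backtick, one with a space.
        String[] keys = {"category", "year_2024", "bad`key", "has space"};
        for (String key : keys) {
            System.out.println("unsafe : " + unsafeKeyFragment(key));
            try {
                System.out.println("safe   : " + safeKeyFragment(key));
            } catch (IllegalArgumentException e) {
                System.out.println("safe   : " + e.getMessage());
            }
        }
    }
}
```

Running the class prints `node.`bad`key`` for the unsafe path, where the identifier is closed after `bad` and the rest becomes free Cypher text, while the hardened path throws before any query is assembled. The allow-list is the control that matters for a filter key, since metadata property names in practice are plain identifiers; `quoteIdentifier` is kept separately so that a key which does need quoting (for instance one containing a hyphen, if the allow-list were relaxed) still cannot terminate the quoted identifier.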
CVE-2026-22743 is a Cypher injection vulnerability in Spring AI's spring-ai-neo4j-store component that allows attackers to inject malicious Cypher code into Neo4j queries.
You are affected if you are using Spring AI versions 1.0.0 through 1.0.4, or 1.1.0 through 1.1.3.
Upgrade Spring AI to version 1.0.5 or later if you are on the 1.0.x branch, or to version 1.1.4 or later if you are on the 1.1.x branch.
Currently, there are no public exploitation reports or proof-of-concept code available for this vulnerability.
Refer to the National Vulnerability Database (NVD) entry at [https://nvd.nist.gov/vuln/detail/CVE-2026-22743](https://nvd.nist.gov/vuln/detail/CVE-2026-22743) for more information.