CVE-2025-66169

5.3 MEDIUM

📋 TL;DR

This CVE describes a Cypher Injection vulnerability in Apache Camel's camel-neo4j component, allowing attackers to execute arbitrary Cypher queries against Neo4j databases. Affected users are those running Apache Camel versions 4.10.0-4.10.7, 4.14.0-4.14.2, or 4.15.0-4.16.x with the camel-neo4j component enabled.

💻 Affected Systems

Products:
  • Apache Camel with camel-neo4j component
Versions: 4.10.0-4.10.7, 4.14.0-4.14.2, 4.15.0-4.16.x
Operating Systems: All operating systems running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using the camel-neo4j component. Other Apache Camel components are not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of the Neo4j database, including data theft, data manipulation, or data destruction through arbitrary Cypher query execution.

🟠 Likely Case: Unauthorized data access or modification in Neo4j databases, potentially exposing sensitive information or corrupting data integrity.

🟢 If Mitigated: Limited impact if proper input validation and parameterized queries are already implemented, though the underlying vulnerability remains.

🌐 Internet-Facing: MEDIUM - Exploitable if camel-neo4j endpoints are exposed externally, but requires specific attack vectors.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this to access Neo4j databases.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the ability to inject malicious Cypher queries through camel-neo4j endpoints. Similar to SQL injection but for Neo4j's Cypher query language.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.10.8 (for 4.10.x LTS), 4.14.3 (for 4.14.x LTS), 4.17.0 (for 4.15.0+)

Vendor Advisory: https://camel.apache.org/security/CVE-2025-66169.html

Restart Required: Yes

Instructions:

1. Identify your Apache Camel version.
2. Upgrade to the appropriate patched version: 4.10.8 for 4.10.x, 4.14.3 for 4.14.x, or 4.17.0 for 4.15.0+.
3. Restart your Camel applications.
4. Verify the upgrade was successful.

🔧 Temporary Workarounds

Disable camel-neo4j component (applies to: all)

Temporarily disable the vulnerable camel-neo4j component if it is not essential:

  • Remove or comment out camel-neo4j dependencies in your pom.xml or build.gradle
  • Remove camel-neo4j routes from your Camel configurations

Implement input validation (applies to: all)

Add strict input validation for all parameters passed to camel-neo4j endpoints:

  • Implement parameter validation in your Camel routes before passing to camel-neo4j
  • Use parameterized queries instead of string concatenation
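The two workaround bullets above (validate inputs, pass values as query parameters rather than concatenating them) are shown side by side in the following added example. It is constructed for this page and is not code from Apache Camel or the camel-neo4j component; it does not open a database connection, it only builds the (query text, parameter map) pair that a driver call such as `session.run(query, parameters)` would receive. The allow-lists and the `$value` parameter name are assumptions chosen for the illustration. The input `O'Brien` is a legitimate value that happens to contain a quote: concatenation turns it into malformed Cypher (the same kind of error the Detection section lists), while the parameterized form keeps the value out of the query text entirely.

```python
"""Cypher query construction: string concatenation vs. parameters.

Constructed example for this advisory page; not camel-neo4j code.
"""

# Labels and property keys cannot be passed as Cypher parameters, so they
# must be restricted to a fixed allow-list (constructed for this example).
ALLOWED_LABELS = {"User", "Order"}
ALLOWED_PROPS = {"name", "email"}
MAX_VALUE_LEN = 256


def build_lookup_vulnerable(label, prop, value):
    """The 'before' pattern: the untrusted value is spliced into the query.

    Anything the caller controls becomes part of the Cypher text, so a quote
    in the value changes the statement's structure instead of its data.
    """
    query = f"MATCH (n:{label} {{{prop}: '{value}'}}) RETURN n"
    return query, {}


def build_lookup_safe(label, prop, value):
    """Hardened pattern: allow-list the identifiers, parameterize the value.

    Returns the query text and a separate parameter map; the value never
    appears inside the query string, so it cannot alter the statement.
    """
    if label not in ALLOWED_LABELS:
        raise ValueError(f"label not allowed: {label!r}")
    if prop not in ALLOWED_PROPS:
        raise ValueError(f"property not allowed: {prop!r}")
    if not isinstance(value, str) or not value or len(value) > MAX_VALUE_LEN:
        raise ValueError("value must be a non-empty string within length limit")
    query = f"MATCH (n:{label} {{{prop}: $value}}) RETURN n"
    return query, {"value": value}


def value_leaks_into_query(builder, label, prop, value):
    """True if the untrusted value ended up inside the query text itself."""
    query, _params = builder(label, prop, value)
    return value in query


if __name__ == "__main__":
    sample = "O'Brien"  # constructed input containing a quote character
    print("vulnerable:", build_lookup_vulnerable("User", "name", sample))
    print("safe:      ", build_lookup_safe("User", "name", sample))
    print("leaks (vulnerable):", value_leaks_into_query(build_lookup_vulnerable, "User", "name", sample))
    print("leaks (safe):      ", value_leaks_into_query(build_lookup_safe, "User", "name", sample))
```

In a Camel route the same split applies: validate and allow-list anything that must be part of the query text in a processor before the exchange reaches the camel-neo4j endpoint, and carry caller-supplied values only as parameters.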

🧯 If You Can't Patch

  • Implement network segmentation to isolate Neo4j databases from untrusted networks
  • Enable strict input validation and use parameterized queries in all camel-neo4j interactions

🔍 How to Verify

Check if Vulnerable:

Check your Apache Camel version and verify whether the camel-neo4j component is in use. Versions 4.10.0-4.10.7, 4.14.0-4.14.2, or 4.15.0-4.16.x with camel-neo4j are vulnerable.

Check Version:

Check the CamelContext version in the startup logs, or print it from a running CamelContext instance: System.out.println(camelContext.getVersion()) (getVersion() is an instance method, so a reference to the context is required; it is not a static call).

Verify Fix Applied:

Verify Apache Camel version is 4.10.8+, 4.14.3+, or 4.17.0+ and camel-neo4j component is updated.

📡 Detection & Monitoring

Log Indicators:

  • Unusual Cypher query patterns in Neo4j logs
  • Errors from malformed Cypher queries in Camel logs
  • Unexpected database access patterns

Network Indicators:

  • Unusual traffic to Neo4j database ports from Camel applications
  • Suspicious query patterns in network traffic

SIEM Query:

Search for: 'camel-neo4j' AND ('error' OR 'exception') AND ('cypher' OR 'query') in application logs
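The SIEM search above, applied to a handful of constructed Camel application log lines, as an added example that is not part of the original advisory. The log format, route names and messages are assumptions made up for the illustration; the filter implements the same three-clause AND/OR condition as the search string, and the per-route tally beyond it shows how repeated malformed-query errors from one endpoint can be surfaced as the "unusual query pattern" indicator listed above.

```python
"""Apply the advisory's SIEM search to sample application log lines.

Constructed example; the log lines below are invented for this page.
"""
import re
from collections import Counter

# Constructed sample log lines in an assumed "timestamp level component route=... message" layout.
SAMPLE_LOGS = [
    "2025-12-01T10:00:01Z INFO  camel-neo4j route=user-lookup query executed in 4ms",
    "2025-12-01T10:00:02Z ERROR camel-neo4j route=user-lookup ClientException: Invalid Cypher input near 'Brien'",
    "2025-12-01T10:00:03Z ERROR camel-http route=inventory-sync query timeout after 30s",
    "2025-12-01T10:00:04Z WARN  camel-neo4j route=order-search exception while running cypher query",
    "2025-12-01T10:00:05Z ERROR camel-neo4j route=user-lookup connection refused to bolt://db:7687",
    "2025-12-01T10:00:06Z ERROR camel-neo4j route=user-lookup ClientException: Invalid Cypher syntax at offset 31",
]

ROUTE_RE = re.compile(r"route=(\S+)")


def matches_siem_query(line):
    """'camel-neo4j' AND ('error' OR 'exception') AND ('cypher' OR 'query'), case-insensitive."""
    text = line.lower()
    return (
        "camel-neo4j" in text
        and ("error" in text or "exception" in text)
        and ("cypher" in text or "query" in text)
    )


def find_indicators(lines):
    """Return the log lines that satisfy the SIEM search."""
    return [line for line in lines if matches_siem_query(line)]


def errors_by_route(lines):
    """Count matching lines per route so a burst from one endpoint stands out."""
    counts = Counter()
    for line in find_indicators(lines):
        match = ROUTE_RE.search(line)
        counts[match.group(1) if match else "<unknown>"] += 1
    return dict(counts)


def routes_over_threshold(lines, threshold=2):
    """Routes whose matching-error count reaches the (assumed) alert threshold."""
    return sorted(route for route, n in errors_by_route(lines).items() if n >= threshold)


if __name__ == "__main__":
    for hit in find_indicators(SAMPLE_LOGS):
        print("HIT:", hit)
    print("per route:", errors_by_route(SAMPLE_LOGS))
    print("alert:", routes_over_threshold(SAMPLE_LOGS))
```

The threshold of two matches per route is an arbitrary value for the sample; in practice it should be tuned against the normal error rate of each route, and the Neo4j server's own query log is a second, independent place to look for the same malformed statements.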
