diff --git a/java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected b/java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected
index a8ce00aca6c5..3290e0d84b0e 100644
--- a/java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected
+++ b/java/ql/integration-tests/java/query-suite/java-code-scanning.qls.expected
@@ -12,7 +12,6 @@ ql/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalFromRemote.ql
 ql/java/ql/src/Security/CWE/CWE-074/JndiInjection.ql
 ql/java/ql/src/Security/CWE/CWE-074/XsltInjection.ql
 ql/java/ql/src/Security/CWE/CWE-078/ExecTainted.ql
-ql/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql
 ql/java/ql/src/Security/CWE/CWE-079/XSS.ql
 ql/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql
 ql/java/ql/src/Security/CWE/CWE-090/LdapInjection.ql
diff --git a/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql b/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql
index d50f583bbfe3..afa675c7f7b2 100644
--- a/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql
+++ b/java/ql/src/Security/CWE/CWE-078/ExecUnescaped.ql
@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision high
+ * @precision medium
  * @id java/concatenated-command-line
  * @tags security
  *       external/cwe/cwe-078
diff --git a/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md b/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md
new file mode 100644
index 000000000000..392e1965defa
--- /dev/null
+++ b/java/ql/src/change-notes/2025-06-10-reduce-precision-for-building-cmdline-with-string-concatenation.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* Adjusts the `@precision` from high to medium for `java/concatenated-command-line` because it is producing false positive alerts when the concatenated strings are hard-coded.