Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: spring-framework Clear
ID Title
CVE-2026-41855 Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
CVE-2026-41854 SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
CVE-2026-41853 Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
CVE-2026-41852 Authorization Flaw in spring (CVE-2026-41852)
vulnerability in spring (CVE-2026-41852). Risk of unauthorized operations or information disclosure.
CVE-2026-41851 Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
CVE-2026-41849 Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
CVE-2026-41844 Open Redirect in spring (CVE-2026-41844)
vulnerability in spring (CVE-2026-41844). Risk of unauthorized operations or information disclosure.
CVE-2026-41847 Vulnerability in spring (CVE-2026-41847)
vulnerability in spring (CVE-2026-41847). Risk of unauthorized operations or information disclosure.
CVE-2026-41846 Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
CVE-2026-41845 Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
CVE-2026-41843 Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
CVE-2026-41842 Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
CVE-2026-41841 Vulnerability in spring (CVE-2026-41841)
vulnerability in spring (CVE-2026-41841). Confidential information can be exposed externally.
CVE-2026-41840 Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
CVE-2026-41838 Vulnerability in spring (CVE-2026-41838)
vulnerability in spring (CVE-2026-41838). Confidential information can be exposed externally.
CVE-2022-22965 KEV [KEV] Code Injection in Vmware spring-framework (CVE-2022-22965)
code injection in Vmware spring-framework (CVE-2022-22965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-5007 Vulnerability in spring (CVE-2016-5007)
vulnerability in spring (CVE-2016-5007). Data can be tampered with by attackers.
CVE-2015-5211 Vulnerability in spring (CVE-2015-5211)
vulnerability in spring (CVE-2015-5211). Successful exploitation can lead to full system takeover.
CVE-2014-0225 XXE (XML External Entity) in spring (CVE-2014-0225)
vulnerability in spring (CVE-2014-0225). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →