Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41855 |
|
Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41854 |
|
SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41853 |
|
Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41852 |
|
Authorization Flaw in spring (CVE-2026-41852)
vulnerability in spring (CVE-2026-41852). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41851 |
|
Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41849 |
|
Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41844 |
|
Open Redirect in spring (CVE-2026-41844)
vulnerability in spring (CVE-2026-41844). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41847 |
|
Vulnerability in spring (CVE-2026-41847)
vulnerability in spring (CVE-2026-41847). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41846 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
|
| CVE-2026-41845 |
|
Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
|
| CVE-2026-41843 |
|
Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
|
| CVE-2026-41842 |
|
Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41841 |
|
Vulnerability in spring (CVE-2026-41841)
vulnerability in spring (CVE-2026-41841). Confidential information can be exposed externally.
|
| CVE-2026-41840 |
|
Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-41838 |
|
Vulnerability in spring (CVE-2026-41838)
vulnerability in spring (CVE-2026-41838). Confidential information can be exposed externally.
|
| CVE-2022-22965 KEV |
|
[KEV] Code Injection in Vmware spring-framework (CVE-2022-22965)
code injection in Vmware spring-framework (CVE-2022-22965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-5007 |
|
Vulnerability in spring (CVE-2016-5007)
vulnerability in spring (CVE-2016-5007). Data can be tampered with by attackers.
|
| CVE-2015-5211 |
|
Vulnerability in spring (CVE-2015-5211)
vulnerability in spring (CVE-2015-5211). Successful exploitation can lead to full system takeover.
|
| CVE-2014-0225 |
|
XXE (XML External Entity) in spring (CVE-2014-0225)
vulnerability in spring (CVE-2014-0225). Successful exploitation can lead to full system takeover.
|