Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: spring Clear
ID Title
CVE-2026-50201 Privilege Escalation in Steeltoe.Management.Endpoint (CVE-2026-50201)
vulnerability in Steeltoe.Management.Endpoint (CVE-2026-50201). Confidential information can be exposed externally. Exploitable via ``EndpointPermissions.Restricted``. Mitigation: upgrade to `4.2.0` or later.
CVE-2026-47835 Vulnerability in CVE-2026-47835 (CVE-2026-47835)
vulnerability in CVE-2026-47835 (CVE-2026-47835). Confidential information can be exposed externally.
CVE-2026-41708 Vulnerability in dos (CVE-2026-41708)
vulnerability in dos (CVE-2026-41708). Risk of unauthorized operations or information disclosure.
CVE-2026-41001 Vulnerability in spring (CVE-2026-41001)
vulnerability in spring (CVE-2026-41001). Risk of unauthorized operations or information disclosure.
CVE-2026-40992 Vulnerability in spring (CVE-2026-40992)
vulnerability in spring (CVE-2026-40992). Risk of unauthorized operations or information disclosure.
CVE-2026-41855 Unsafe Deserialization in spring (CVE-2026-41855)
vulnerability in spring (CVE-2026-41855). Successful exploitation can lead to full system takeover.
CVE-2026-41854 SSRF (Server-Side Request Forgery) in spring (CVE-2026-41854)
SSRF in spring (CVE-2026-41854). Risk of unauthorized operations or information disclosure.
CVE-2026-41853 Vulnerability in spring (CVE-2026-41853)
vulnerability in spring (CVE-2026-41853). Risk of unauthorized operations or information disclosure.
CVE-2026-41852 Authorization Flaw in spring (CVE-2026-41852)
vulnerability in spring (CVE-2026-41852). Risk of unauthorized operations or information disclosure.
CVE-2026-41851 Vulnerability in spring (CVE-2026-41851)
vulnerability in spring (CVE-2026-41851). Risk of unauthorized operations or information disclosure.
CVE-2026-41850 Vulnerability in spring (CVE-2026-41850)
vulnerability in spring (CVE-2026-41850). Risk of unauthorized operations or information disclosure.
CVE-2026-41849 Vulnerability in spring (CVE-2026-41849)
vulnerability in spring (CVE-2026-41849). Risk of unauthorized operations or information disclosure.
CVE-2026-41842 Vulnerability in spring (CVE-2026-41842)
vulnerability in spring (CVE-2026-41842). Risk of unauthorized operations or information disclosure.
CVE-2026-41848 Vulnerability in spring (CVE-2026-41848)
vulnerability in spring (CVE-2026-41848). Risk of unauthorized operations or information disclosure.
CVE-2026-41847 Vulnerability in spring (CVE-2026-41847)
vulnerability in spring (CVE-2026-41847). Risk of unauthorized operations or information disclosure.
CVE-2026-41846 Cross-Site Scripting (XSS) in spring (CVE-2026-41846)
cross-site scripting in spring (CVE-2026-41846). Confidential information can be exposed externally.
CVE-2026-41845 Cross-Site Scripting (XSS) in spring (CVE-2026-41845)
cross-site scripting in spring (CVE-2026-41845). Confidential information can be exposed externally.
CVE-2026-41844 Open Redirect in spring (CVE-2026-41844)
vulnerability in spring (CVE-2026-41844). Risk of unauthorized operations or information disclosure.
CVE-2026-41843 Path Traversal in spring (CVE-2026-41843)
path traversal in spring (CVE-2026-41843). Confidential information can be exposed externally.
CVE-2026-41841 Vulnerability in spring (CVE-2026-41841)
vulnerability in spring (CVE-2026-41841). Confidential information can be exposed externally.
CVE-2026-41840 Vulnerability in spring (CVE-2026-41840)
vulnerability in spring (CVE-2026-41840). Risk of unauthorized operations or information disclosure.
CVE-2026-41839 Vulnerability in spring (CVE-2026-41839)
vulnerability in spring (CVE-2026-41839). Risk of unauthorized operations or information disclosure.
CVE-2026-41838 Vulnerability in spring (CVE-2026-41838)
vulnerability in spring (CVE-2026-41838). Confidential information can be exposed externally.
CVE-2026-44308 Vulnerability in io.awspring.cloud:spring-cloud-aws-sns (CVE-2026-44308)
vulnerability in io.awspring.cloud:spring-cloud-aws-sns (CVE-2026-44308). Risk of unauthorized operations or information disclosure.
CVE-2026-45091 Information Disclosure in sealed-env (CVE-2026-45091)
vulnerability in sealed-env (CVE-2026-45091). Confidential information can be exposed externally. Mitigation: upgrade to `0.1.0-alpha.4` or later.
CVE-2026-40976 Vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976)
vulnerability in org.springframework.boot:spring-boot (CVE-2026-40976). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.6` or later.
CVE-2026-40975 Vulnerability in spring (CVE-2026-40975)
vulnerability in spring (CVE-2026-40975). Risk of unauthorized operations or information disclosure.
CVE-2026-40974 Vulnerability in spring (CVE-2026-40974)
vulnerability in spring (CVE-2026-40974). Risk of unauthorized operations or information disclosure.
CVE-2026-40971 Vulnerability in spring (CVE-2026-40971)
vulnerability in spring (CVE-2026-40971). Risk of unauthorized operations or information disclosure.
CVE-2026-40970 Vulnerability in spring (CVE-2026-40970)
vulnerability in spring (CVE-2026-40970). Risk of unauthorized operations or information disclosure.
CVE-2025-11226 Vulnerability in spring (CVE-2025-11226)
vulnerability in spring (CVE-2025-11226). Risk of unauthorized operations or information disclosure.
CVE-2017-8046 Vulnerability in spring (CVE-2017-8046)
vulnerability in spring (CVE-2017-8046). Successful exploitation can lead to full system takeover.
CVE-2016-5007 Vulnerability in spring (CVE-2016-5007)
vulnerability in spring (CVE-2016-5007). Data can be tampered with by attackers.
CVE-2015-5211 Vulnerability in spring (CVE-2015-5211)
vulnerability in spring (CVE-2015-5211). Successful exploitation can lead to full system takeover.
CVE-2014-0225 XXE (XML External Entity) in spring (CVE-2014-0225)
vulnerability in spring (CVE-2014-0225). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →