HIGH | MARCH 19, 2026 | CVE-2026-22731
Description Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint
that requires authentication is declared under a path that is already configured as a Health Group additional path…
CRITICAL | MARCH 19, 2026 | CVE-2026-22732
Description When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written.
This can open up applications to various attacks including exposing sensitive data…
HIGH | MARCH 19, 2026 | CVE-2026-22733
Description Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint
that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. More precisely…
LOW | MARCH 19, 2026 | CVE-2026-22735
Description Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events (SSE). More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the…
MEDIUM | MARCH 19, 2026 | CVE-2026-22737
Description Use of script template views backed by a Java scripting engine (e.g. JRuby, Jython) in Spring MVC and
Spring WebFlux applications can result in disclosure of content from files outside the
configured locations for script template views. The application must…
HIGH | MARCH 17, 2026 | CVE-2026-22729
Description A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is…
HIGH | MARCH 17, 2026 | CVE-2026-22730
Description A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization…
MEDIUM | JANUARY 13, 2026 | CVE-2026-22718
Description The following versions of the VSCode extension for Spring CLI are vulnerable to command injection,
resulting in command execution on the user's machine. The extension reached EOL on May 14, 2025, but
upon receiving the CVE we realized that we could…
MEDIUM | OCTOBER 16, 2025 | CVE-2025-41254
Description STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages.
Affected Spring Products and Versions
Spring Framework:
    6.2.0 - 6.2.11
    6.1.0 - 6.1.23
    6.0.x - 6.0.29
    5.3.0 - 5.3.4…
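The first question a practitioner asks of an entry like this is whether the build actually pulls in an affected Spring Framework version. The script below is an added example, not Spring's own tooling: it scans `mvn dependency:tree` output for `org.springframework` artifacts and compares each version against the ranges CVE-2025-41254 lists above. It encodes only the three 6.x ranges that appear complete on this page (reading "6.0.x - 6.0.29" as 6.0.0 through 6.0.29); the 5.3 range is cut off here, so 5.3.x versions are reported as unknown rather than guessed either way. The sample tree text is constructed for the example.

```python
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Inclusive affected ranges for CVE-2025-41254 as printed in the advisory above.
# "6.0.x - 6.0.29" is read as 6.0.0 through 6.0.29. The 5.3 line is truncated on
# this page ("5.3.0 - 5.3.4…"), so it is deliberately not encoded (assumption:
# report 5.3.x as unknown instead of clearing or flagging it).
AFFECTED_RANGES = [
    ((6, 2, 0), (6, 2, 11)),
    ((6, 1, 0), (6, 1, 23)),
    ((6, 0, 0), (6, 0, 29)),
]
TRUNCATED_LINES = {(5, 3)}  # major.minor pairs whose range the page does not show in full

# Accepts "6.2.11", "6.2.12-SNAPSHOT" and old-style "5.3.39.RELEASE"; the suffix is ignored.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[.-][0-9A-Za-z.-]*)?$")


def parse_version(text: str) -> Optional[Version]:
    """Return (major, minor, patch) or None if the string is not a Spring-style version."""
    m = VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def classify(version: str) -> str:
    """Return 'affected', 'not_affected' or 'unknown' for one Spring Framework version."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unrecognised version string: {version!r}")
    if any(lo <= v <= hi for lo, hi in AFFECTED_RANGES):
        return "affected"
    if (v[0], v[1]) in TRUNCATED_LINES:
        return "unknown"  # the page does not show the full 5.3 range
    return "not_affected"


# Matches Spring Framework (not Boot/Security) artifacts in `mvn dependency:tree` output, e.g.
# "[INFO] |  +- org.springframework:spring-websocket:jar:6.2.11:compile"
DEP_RE = re.compile(r"org\.springframework:(spring-[a-z]+(?:-[a-z]+)*):jar:([^:\s]+):")


def scan_dependency_tree(tree_text: str) -> Dict[str, Tuple[str, str]]:
    """Map artifact name -> (version, classification) for every Spring Framework module seen."""
    findings: Dict[str, Tuple[str, str]] = {}
    for m in DEP_RE.finditer(tree_text):
        artifact, version = m.group(1), m.group(2)
        findings[artifact] = (version, classify(version))
    return findings


# Constructed sample of dependency:tree output (not output from a real project).
SAMPLE_TREE = """\
[INFO] com.example:stomp-app:jar:1.0.0
[INFO] +- org.springframework.boot:spring-boot-starter-websocket:jar:3.4.5:compile
[INFO] |  +- org.springframework:spring-messaging:jar:6.2.11:compile
[INFO] |  \\- org.springframework:spring-websocket:jar:6.2.11:compile
[INFO] +- org.springframework:spring-webmvc:jar:6.2.11:compile
[INFO] \\- org.springframework:spring-core:jar:6.2.12:compile
"""

if __name__ == "__main__":
    for artifact, (version, verdict) in sorted(scan_dependency_tree(SAMPLE_TREE).items()):
        print(f"{artifact:20} {version:12} {verdict}")
```

A version outside the encoded ranges is reported as not affected only on the evidence of this page; the STOMP code path lives in spring-messaging and spring-websocket, but all Spring Framework modules share one version line, so a mixed tree like the sample (one module still on 6.2.11) is itself worth flagging during triage.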
MODERATE | OCTOBER 15, 2025 | CVE-2025-41253
Description The following versions of Spring Cloud Gateway Server Webflux may expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The…