CVE-2026-41699 Unsafe Deserialization in Spring GraphQL

Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated Connection field and the classpath contains specifi...

CVE-2026-41699

Summary (CVE-2026-41699) : Spring for GraphQL applications are vulnerable to unsafe deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that may lead to Remote Code Execution if the application exposes a paginated (Connection) field and the...

CVE-2024-2105

CVE-2024-2105 concerns JBL Bluetooth audio devices where an unauthorised nearby attacker can trigger a deadlock during BLE connection requests due to improper validation of the ICM field. Related records reference JBL products but do not disclose exact affected versions, exploit details, or remed...

DEBIAN-CVE-2022-50214

In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections output connections and hold a reference to the fwnode. When a device goes away, we walk through the devices on the coresight bus and make su...

PT-2022-33933 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to the coresight component, where the connection field is not properly cleared. This is an automated ID intended to aid in discovery of potential security...

PT-2022-34170 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.137 Description: The issue is related to the coresight component, where the connection field is not properly cleared. This is an automated ID intended to aid in discovery of potential security...