Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Vulnrichment
Vulnrichmentadded 2026/06/11 5:2 a.m.9 views

CVE-2026-40985 Data Binding Vulnerability in Spring Web Flow with Unified EL Parser

Applications that configure the WebFlowELExpressionParser are vulnerable to the use of malicious Unified EL expressions. Affected versions: Spring Web Flow 4.0.0; 3.0.0 through 3.0.1; 2.5.0 through 2.5.1...

6.4CVSS5.5AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/11 5:2 a.m.22 views

CVE-2026-40985 Data Binding Vulnerability in Spring Web Flow with Unified EL Parser

Applications that configure the WebFlowELExpressionParser are vulnerable to the use of malicious Unified EL expressions. Affected versions: Spring Web Flow 4.0.0; 3.0.0 through 3.0.1; 2.5.0 through 2.5.1...

6.4CVSS0.00225EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.14 views

EUVD-2012-1843

Malware in sbrugna...

5CVSS6.4AI score0.01427EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2022-6263

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01712EPSS
Exploits0References7
OSV
OSVadded 2023/12/20 11:24 p.m.38 views

CVE-2023-46131 Grails® data binding causes JVM crash and/or DoS

Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3,...

6.5CVSS7.3AI score0.00722EPSS
Exploits0References7
Broadcom
Broadcomadded 2022/04/04 12:0 a.m.11 views

BSA-2022-1769

Security Advisory ID : BSA-2022-1769 Component : Spring Framework RCE Revision : 1.0 Brocade PSIRT has become aware ofan RCE vulnerability in the Spring Framework. A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. More...

9.8CVSS8AI score0.99677EPSS
Exploits100
SonicWall
SonicWalladded 2022/04/02 6:13 p.m.15 views

Spring Remote Code Execution: CVE-2022-22963 and CVE-2022-22965

SonicWall PSIRT is tracking two critical vulnerabilities impacting the Spring Framework. This advisory is intended to address both. 1CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring ExpressionIn Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported...

9.8CVSS10AI score0.99939EPSS
Exploits131
CNVD
CNVDadded 2020/06/15 12:0 a.m.1 views

FasterXML jackson-databind code issue vulnerability (CNVD-2020-53535)

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.5. No detailed vulnerability details are provided at...

8.1CVSS8.6AI score0.08072EPSS
Exploits0References1
Rows per page
Query Builder