5 matches found

Cvelist
added 6 hours ago, 6 views

CVE-2026-41852 Spring Framework Arbitrary Method Invocation in SpEL Expressions

A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within restricted or read-only contexts, which may allow an attacker to invoke unintended application logic. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2....

CVSS 3.7
Exploits: 0, References: 1
CVE
added 6 hours ago, 6 views

CVE-2026-41852

Summary (CVE-2026-41852): A vulnerability in Spring Framework’s SpEL evaluation logic allows arbitrary zero-argument method invocations, including in restricted/read-only contexts, potentially invoking unintended application logic. Affected versions: Spring Framework 7.0.0–7.0.7; 6.2.0–6.2.18; ...

CVSS 3.7, AI score 5.6
Exploits: 0, References: 1
NVD
added 2026/05/14 5:16 p.m., 8 views

CVE-2026-42555

Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from 13.4.0 to before 13.23.0 evaluate Spring Expression Language (SpEL) expressions...

CVSS 9.1, EPSS 0.00305
Exploits: 0, References: 1
Veracode
added 2025/10/24 1:13 p.m., 5 views

Expression Language Injection

Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection. The vulnerability is due to unsafe SpEL evaluation in routes due to the actuator gateway endpoint being exposed and accessible to untrusted users; attackers can create routes that use SpEL to read environment...

CVSS 7.5, AI score 6.6, EPSS 0.00049
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2024/03/15 7:55 p.m., 3 views

CVE-2024-28848 SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` in OpenMetadata

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The CompiledRule::validateExpression method evaluates an SpEL expression using a StandardEvaluationContext, allowing the...

CVSS 8.8, AI score 9, EPSS 0.7862
Exploits: 0, References: 6