Exploit for Improper Neutralization of Internal Special Elements in Apache Camel

This is a PoC exploit for CVE-2025-27636, a vulnerability in Apa...

New Home for Spring Integration AWS

The Spring Integration for AWS was always an independent Spring Integration extension project with its own plans and release cycles. The consumption of this single jar library has always added a complexity from the dependency management perspective. It depends not only on Spring Integration modul...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +25 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-account-ui (>=21.1.1 <=26.2.5)

org.keycloak:keycloak-account-ui MAVEN version =21.1.1, =2.5.6-24.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.2.5 a...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +34 more potentially affected by CVE-2025-10044 via org.keycloak:keycloak-admin-ui (>=15.1.0 <=26.2.5)

org.keycloak:keycloak-admin-ui MAVEN version =15.1.0, =2.5.6-24.0, =0.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.2.5 and more Source cv...

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10.7 for Spring Boot release.

Red Hat build of Apache Camel 4.10.7 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2025-52634 HCL AION is susceptible to Spring Boot Actuator Endpoints Exposed

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0...

CVE-2025-52634

HCL AION (AI lifecycle platform) 2.0 is affected by CVE-2025-52634, described as an information disclosure vulnerability enabling unauthorized access. Multiple sources (NVD, RHACVE, CNVD, CNNVD, CVE lists, PT-2025-41539) corroborate that sensitive information can be exposed to an unauthenticated ...

CVE-2025-52634 HCL AION is susceptible to Spring Boot Actuator Endpoints Exposed

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue affects HCL AION: 2.0...

EUVD-2020-11604

Malware in sbrugna...

EUVD-2021-1047

Malware in sbrugna...

EUVD-2019-18563

Malware in sbrugna...

EUVD-2021-25489

Malware in sbrugna...

EUVD-2018-0721

Malware in sbrugna...

Introducing Jackson 3 support in Spring

This is a new blog post in the Road to GA series, this time sharing more details on the new Jackson 3 support, just a few days after Jackson 3.0.0 GA release, about to be introduced in Spring Boot 4 and related Spring portfolio projects. Jackson is by far the most used JSON library on the JVM, an...

This Week in Spring - October 7th, 2025

Hi, Spring fans! How're you doing this fantastic October afternoon? I'm on a train returning from Frankfurt, Germany, where I spoke at the Cloud Foundry Day Frankfurt event about how awesome it is to build an application with Spring Boot and Cloud Foundry. Yesterday I was in Antwerp, Belgium, and...

EUVD-2024-0410

Malicious code in bioql PyPI...

EUVD-2022-28662

Malicious code in bioql PyPI...

EUVD-2023-3041

Malicious code in bioql PyPI...

EUVD-2023-1303

Malicious code in bioql PyPI...

EUVD-2023-33516

Malicious code in bioql PyPI...