1286 matches found

OSV | added yesterday | 4 views

ROOT-APP-MAVEN-CVE-2026-40992 CVE-2026-40992 in io.root.org.springframework.boot:spring-boot-autoconfigure - Patched by Root

Root has patched CVE-2026-40992 in the io.root.org.springframework.boot:spring-boot-autoconfigure package for Root:Maven. Multiple fixed versions available...

CVSS 5 | AI score 5.8 | EPSS 0.00123 | Exploits 0

OSV | added yesterday | 19 views

ROOT-APP-MAVEN-CVE-2026-40973 CVE-2026-40973 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2026-40973 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

CVSS 7 | AI score 5.8 | EPSS 0.00136 | Exploits 0

OSV | added yesterday | 4 views

ROOT-APP-MAVEN-CVE-2026-41001 CVE-2026-41001 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2026-41001 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

CVSS 5.3 | AI score 5.8 | EPSS 0.00094 | Exploits 0

OSV | added yesterday | 9 views

ROOT-APP-MAVEN-CVE-2026-40976 CVE-2026-40976 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2026-40976 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

CVSS 9.1 | AI score 5.8 | EPSS 0.00489 | Exploits 0

Nuclei | added yesterday | 90 views

Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution

Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is susceptible to remote code execution. Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view...

CVSS 8.8 | AI score 7.5 | EPSS 0.12694 | Exploits 0 | References 5

Nuclei | added yesterday | 53 views

Spring Boot Actuator Logview Directory Traversal

spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability. It is a library that adds a simple logfile viewer as a Spring Boot actuator endpoint (Maven package "eu.hinsch:spring-boot-actuator-logview"). id: CVE-2021-21234 info: name: Spring Boot Actuator Logview...

CVSS 7.7 | AI score 7.1 | EPSS 0.21173 | Exploits 2 | References 6

Nuclei | added yesterday | 34 views

Java-springboot-codebase 1.1 - Arbitrary File Read

OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized...

CVSS 8.7 | AI score 7.3 | EPSS 0.03847 | Exploits 13 | References 5

Nuclei | added yesterday | 18 views

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

Spring Data REST 2.6.9 and 3.0.1, Spring Boot 1.5.9 and 2.0 M6 contain a remote code execution vulnerability caused by processing malicious PATCH requests with crafted JSON data, letting attackers execute arbitrary Java code; exploitation requires sending malicious PATCH requests. id: CVE-2017-8046 info: name: Spri...

CVSS 9.8 | AI score 8.1 | EPSS 0.72782 | Exploits 8 | References 5

RedhatCVE | added 2 days ago | 5 views

CVE-2026-41001

A flaw was found in Spring Boot. The ArtemisEmbeddedConfigurationFactory component uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same host can exploit this by pre-creating this predictable directory ...

CVSS 5.3 | AI score 5.6 | EPSS 0.00094 | Exploits 0 | References 4

Spring Security Advisories | added 2026/06/23 12:00 a.m. | 57 views

This Week in Spring - June 23rd, 2026

Hi Spring fans! In this installment, we look at the wide and wonderful world of Spring, as usual, and there's a good amount to get to, fresh off the recent Spring Boot 4.1 generation release train, so let's dive right into it! I wrote a blog post looking at Spring Batch, MongoDB, and Spring Boot...

AI score 5.8 | Exploits 0

Spring Security Advisories | added 2026/06/21 12:00 a.m. | 26 views

MongoDB-backed Spring Batch jobs and more in Spring Boot 4.1

Spring Batch was introduced many years before MongoDB existed, and its design assumed the presence of a SQL database in which to store the state of Spring Batch jobs. But that was decades ago, and a common question for anyone new to Spring Batch was, "Why does this thing need to talk to a SQL...

AI score 6.1 | Exploits 0

OSV | added 2026/06/18 9:50 a.m. | 14 views

ROOT-APP-MAVEN-CVE-2025-22235 CVE-2025-22235 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2025-22235 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

CVSS 7.3 | AI score 7.3 | EPSS 0.00358 | Exploits 0

OSV | added 2026/06/18 9:50 a.m. | 9 views

ROOT-APP-MAVEN-CVE-2024-38807 CVE-2024-38807 in io.root.org.springframework.boot:spring-boot-loader - Patched by Root

Root has patched CVE-2024-38807 in the io.root.org.springframework.boot:spring-boot-loader package for Root:Maven. Multiple fixed versions available...

CVSS 6.3 | AI score 7.3 | EPSS 0.00123 | Exploits 0

OSV | added 2026/06/18 9:50 a.m. | 5 views

ROOT-APP-MAVEN-CVE-2026-22733 CVE-2026-22733 in io.root.org.springframework.boot:spring-boot-starter-actuator - Patched by Root

Root has patched CVE-2026-22733 in the io.root.org.springframework.boot:spring-boot-starter-actuator package for Root:Maven. Multiple fixed versions available...

CVSS 8.2 | AI score 5.2 | EPSS 0.0036 | Exploits 0

OSV | added 2026/06/18 9:49 a.m. | 5 views

ROOT-APP-MAVEN-CVE-2026-22731 CVE-2026-22731 in io.root.org.springframework.boot:spring-boot-starter-actuator - Patched by Root

Root has patched CVE-2026-22731 in the io.root.org.springframework.boot:spring-boot-starter-actuator package for Root:Maven. Multiple fixed versions available...

CVSS 8.2 | AI score 5.2 | EPSS 0.00334 | Exploits 0

OSV | added 2026/06/18 9:47 a.m. | 11 views

ROOT-APP-MAVEN-CVE-2023-20883 CVE-2023-20883 in io.root.org.springframework.boot:spring-boot-autoconfigure - Patched by Root

Root has patched CVE-2023-20883 in the io.root.org.springframework.boot:spring-boot-autoconfigure package for Root:Maven. Multiple fixed versions available...

CVSS 7.5 | AI score 5.8 | EPSS 0.00904 | Exploits 0

OSV | added 2026/06/18 9:36 a.m. | 12 views

ROOT-APP-MAVEN-CVE-2026-40972 CVE-2026-40972 in io.root.org.springframework.boot:spring-boot-devtools - Patched by Root

Root has patched CVE-2026-40972 in the io.root.org.springframework.boot:spring-boot-devtools package for Root:Maven. Multiple fixed versions available...

CVSS 7.5 | AI score 5.8 | EPSS 0.00262 | Exploits 0

Spring Security Advisories | added 2026/06/18 12:00 a.m. | 9 views

A Bootiful Podcast: DaShaun Carter on patching, Spring Boot 4.1, and security in the world of AI

Hi Spring fans! In this installment I have the privilege to sit down with my friend DaShaun Carter to talk about patching, Spring Boot 4.1, and security in the world of AI...

AI score 5.4 | Exploits 0

Spring Security Advisories | added 2026/06/16 12:00 a.m. | 9 views

This Week in Spring - June 16th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! I'm writing this from the oh-so-delightful and delicious! city of New Delhi, India. It's been a real privilege to come and visit so many amazing people. Last night my friend DaShaun and I presented here at the local Delhi JUG,...

AI score 5.3 | Exploits 0

IBM Security Bulletins | added 2026/06/15 10:13 p.m. | 4 views

Security Bulletin: MongoDB Enterprise Advanced affected by: Authentication Bypass Using an Alternate Path or Channel (CVE-2026-22731, CVE-2026-22733)

Summary: There are vulnerabilities in spring-boot-actuator-autoconfigure-3.5.9.jar used in MongoDB Enterprise Advanced for IBM, involving CVE-2026-22731, CVE-2026-22733. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2026-22731 DESCRIPTION: Spring Boot applications with...

CVSS 8.2 | AI score 7.6 | EPSS 0.0036 | Exploits 0 | Affected Software 1