ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.4.1) +1472 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =3.7.0, =5.5.7 and more Source cves: CVE-2026-40478 Source advisory: OSV:GHSA-XJW8-8C5C-9R79...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.4.1) +1472 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =3.7.0, =5.5.7 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078378...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.4.1) +1472 more potentially affected by CVE-2026-40477 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =3.7.0, =5.5.7 and more Source cves: CVE-2026-40477 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078371...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.4.1) +1472 more potentially affected by CVE-2026-40477 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.4.0, =5.6.5, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =3.7.0, =5.5.7 and more Source cves: CVE-2026-40477 Source advisory: OSV:GHSA-R4V4-5MWR-2FWR...

CVE-2021-43466

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

Thymeleaf 命令注入漏洞

Thymeleaf-Spring5 is an open source modern server-side Java template engine for web and standalone environments from the Thymeleaf team. A security vulnerability exists in Thymeleaf version 3.1.1.RELEASE and prior versions. An attacker can exploit the vulnerability to gain write access to...

GHSA-QCJ6-JQRG-4WP2 Template injection in thymeleaf-spring5

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

Template injection in thymeleaf-spring5

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), au.org.consumerdatastandards:client-cli (>=1.1.1 <=2.2.0) +1002 more potentially affected by CVE-2021-43466 via org.thymeleaf:thymeleaf-spring5 (>=3.0.10.RELEASE <=3.0.12.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.10.RELEASE, =0.5.0, =1.1.1, =3.7.0, =4.1.0, =4.1.0, =3.7.0, =3.7.0, =5.3.0, =5.1.0, =5.3.0, =3.7.0, =4.0.0, =3.7.0, =5.1.0, =5.6.5 and more Source cves: CVE-2021-43466 Source advisory: OSV:GHSA-QCJ6-JQRG-4WP2...

CVE-2021-43466

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

CVE-2021-43466

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

Remote code execution

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...

PT-2021-23849 · Unknown · Thymeleaf-Spring5

Name of the Vulnerable Software and Affected Versions: thymeleaf-spring5 version 3.0.12 Description: The issue in thymeleaf-spring5 may lead to remote code execution when thymeleaf is combined with specific scenarios in template injection. Recommendations: For thymeleaf-spring5 version 3.0.12, at...

CVE-2021-43466

CVE-2021-43466 affects thymeleaf-spring5, specifically the 3.0.12 release, where template injection in Thymeleaf can lead to remote code execution. The vulnerability is tied to thymeleaf-spring5 usage and template rendering scenarios that enable code execution. Remediation in the provided docs re...

Thymeleaf-Spring5 代码注入漏洞

Thymeleaf-Spring5 is an open source, modern, server-side Java template engine for web and standalone environments from the Thymeleaf team. A security vulnerability exists in Thymeleaf-Spring5, which arises from a networked system or product that does not properly filter specific elements of...

CVE-2021-43466

In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution...