Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6525 matches found

OSV
OSVadded 2025/09/16 11:15 a.m.1 views

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

7.5CVSS6.9AI score0.00112EPSS
Exploits0References1
OSV
OSVadded 2025/09/16 11:15 a.m.0 views

UBUNTU-CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

7.5CVSS6.5AI score0.00112EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/09/16 10:15 a.m.2 views

CVE-2025-41249 CVE-2025-41249: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

7.5CVSS6.5AI score0.00112EPSS
Exploits0References1
CVE
CVEadded 2025/09/16 10:15 a.m.35 views

CVE-2025-41249

CVE-2025-41249 : The Spring Framework annotation detection mechanism may fail to resolve annotations on methods in type hierarchies with a parameterized super type with unbounded generics, potentially affecting applications that use Spring Security’s @EnableMethodSecurity. If you rely on method s...

7.5CVSS6.1AI score0.00112EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2025/09/16 10:15 a.m.3 views

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

7.5CVSS6.7AI score0.00112EPSS
Exploits0
Cvelist
Cvelistadded 2025/09/16 10:15 a.m.9 views

CVE-2025-41249 CVE-2025-41249: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

7.5CVSS0.00112EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/09/16 10:10 a.m.2 views

CVE-2025-41248 CVE-2025-41248: Spring Security authorization bypass for method security annotations on parameterized types

The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization...

7.5CVSS6.5AI score0.0009EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/16 10:10 a.m.6 views

CVE-2025-41248 CVE-2025-41248: Spring Security authorization bypass for method security annotations on parameterized types

The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization...

7.5CVSS0.0009EPSS
Exploits0References1
CVE
CVEadded 2025/09/16 10:10 a.m.45 views

CVE-2025-41248

The connected IBM security bulletins confirm CVE-2025-41248 is a Spring Framework annotation resolution issue affecting methods in type hierarchies with parameterized unbounded generics, potentially bypassing authorization when using EnableMethodSecurity (e.g., @PreAuthorize). Remediation via IBM...

7.5CVSS6.1AI score0.0009EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/16 12:0 a.m.1 views

Spring Framework 安全漏洞

Spring Framework is a Spring open source application development framework. A security vulnerability exists in Spring Framework that stems from an annotation detection mechanism that fails to properly parse method annotations in generic superclasses, which could lead to an incorrect authorization...

7.5CVSS7.8AI score0.00112EPSS
Exploits0References5
OpenVAS
OpenVASadded 2025/09/16 12:0 a.m.2 views

VMware Spring Framework <= 5.3.44, 6.0.0 - 6.1.22, 6.2.0 - 6.2.10 Annotation Detection Vulnerability - Windows

The VMware Spring Framework is prone to an annotation detection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/16 12:0 a.m.1 views

Spring Security 安全漏洞

Spring Security is a Spring open source security framework with authentication and authorization capabilities. A security vulnerability exists in Spring Security that stems from the annotation detection mechanism not being able to correctly resolve annotations for methods in generic superclasses,...

7.5CVSS8.6AI score0.0009EPSS
Exploits0References5
Spring Engineering
Spring Engineeringadded 2025/09/16 12:0 a.m.5 views

Connect Your AI to Everything: Spring AI's MCP Boot Starters

The Model Context Protocol MCP standardizes how AI applications interact with external tools and resources. Spring joined the MCP ecosystem early as a key contributor, helping to develop and maintain the official MCP Java SDK that serves as the foundation for Java-based MCP implementations...

7.8AI score
Exploits0
OpenVAS
OpenVASadded 2025/09/16 12:0 a.m.1 views

VMware Spring Framework <= 5.3.44, 6.0.0 - 6.1.22, 6.2.0 - 6.2.10 Annotation Detection Vulnerability - Linux

The VMware Spring Framework is prone to an annotation detection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/16 12:0 a.m.2 views

Spring Cloud Gateway 安全漏洞

Spring Cloud Gateway is a Spring open source API gateway framework. A security vulnerability exists in Spring Cloud Gateway that stems from a possible modification of Spring environment properties...

10CVSS6.5AI score0.06417EPSS
Exploits0References1
Spring Engineering
Spring Engineeringadded 2025/09/16 12:0 a.m.2 views

API Versioning in Spring

In this 2nd blog post of the Road to GA series highlighting major features within the Spring portfolio for the next major versions to be released in November, I’m going to focus on the upcoming API Versioning support in Spring Framework 7. Introduction API versioning is a challenging topic. Most...

6.6AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2025/09/15 12:0 a.m.3 views

PT-2025-37862

Name of the Vulnerable Software and Affected Versions Spring Framework affected versions not specified Description The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type. This can lead to an...

7.5CVSS6.3AI score0.00112EPSS
Exploits0References33
Positive Technologies
Positive Technologiesadded 2025/09/15 12:0 a.m.2 views

PT-2025-37861

Name of the Vulnerable Software and Affected Versions Spring Framework affected versions not specified Description The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type. This can lead to an...

7.8CVSS7.3AI score0.0009EPSS
Exploits0References31
Gitee
Giteeadded 2025/09/14 1:32 p.m.163 views

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

7.2AI score
Exploits0
Gitee
Giteeadded 2025/09/13 5:14 p.m.189 views

ysoserial

This is a Java-based proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, named ysoserial, is designed to create gadgets that can be used to execute arbitrary commands on a vulnerable application. The gadgets are created by wrapping a...

7.8AI score
Exploits0
Rows per page
Query Builder