ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7626 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8885 Source...

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7626 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8885 Source...

This Week in Spring - August 12th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's August 5th! Which means we're only a few short weeks away until SpringOne 2025! Have you registered? There's so much to cover this week, so let's dive right into it! I love Spring Modulith and I love JetBrains IntelliJ...

Linux Distros Unpatched Vulnerability : CVE-2025-22235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your...

my-site 安全漏洞

my-site is WinterChenS individual developer's personal website based on springboot2.0 development, integrated: personal home page, personal blog, personal works. my-site has a security vulnerability that originates from an authentication flaw caused by improper handling of the parameter uri in th...

CVE-2025-8738

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

CVE-2025-8752

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

CVE-2025-8752 wangzhixuan spring-shiro-training add command injection

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

CVE-2025-8752 wangzhixuan spring-shiro-training add command injection

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

CVE-2025-8752

The CVE-2025-8752 entry concerns the wangzhixuan spring-shiro-training project (up to commit 94812c1fd8f7fe796c931f4984ff1aa0671ab562). The vulnerability is in the /role/add code path and is due to a command injection vulnerability. It is exploitable remotely and has been publicly disclosed. The ...

wangzhixuan spring-shiro-training 注入漏洞

wangzhixuan spring-shiro-training is a learning system from the Chinese company wangzhixuan. An injection vulnerability exists in wangzhixuan spring-shiro-training, which stems from a command injection issue in file /role/add...

PT-2025-32435 · Wangzhixuan · Spring-Shiro-Training

Name of the Vulnerable Software and Affected Versions: wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562 Description: A critical issue exists in wangzhixuan spring-shiro-training. The vulnerability is due to command injection in the /role/add file. This allows for...

CVE-2025-8738

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

CVE-2025-8738 zlt2000 microservices-platform Spring Actuator Interface actuator information disclosure

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated...

CVE-2025-8738

CVE-2025-8738 affects zlt2000 microservices-platform

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 Spring Cloud Gateway Vulnerability Demonstratio...

PT-2025-32409 · Unknown · Spring Actuator Interface +1

Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0 Description: A vulnerability exists in zlt2000 microservices-platform. The issue affects unknown code within the /actuator file of the Spring Actuator Interface component, leading to...

A Bootiful Podcast: Andrew Lombardi, Beginning Spring AI co-author, and friend of the show

Hi, Spring fans! In this installment I am thrilled to talk to my longtime friend Andrew Lombardi about the latest-and-greatest, his new book Beginning Spring AI , and more...

CVE-2025-8525

A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been...