6504 matches found

RedhatCVE
added 2026/04/29 6:18 a.m. | 2 views

CVE-2026-40967

In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI: 1.0.0...

CVSS 8.6 | AI score 5.2 | EPSS 0.00031
Exploits 0 | References 1

CNNVD
added 2026/04/29 12:0 a.m. | 4 views

VMware Spring Framework security vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. There is a security vulnerability in the VMware Spring Framework, which stems from caching malicious resources duri...

CVSS 3.1 | AI score 5.8 | EPSS 0.00083
Exploits 0 | References 1

Tenable Nessus
added 2026/04/29 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch...

CVSS 6.8 | AI score 5.8 | EPSS 0.00029
Exploits 0 | References 2

CNNVD
added 2026/04/29 12:0 a.m. | 2 views

VMware Spring Framework resource management error vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware Corporation in the United States. This framework helps developers build high-quality applications. There is a resource management vulnerability in the VMware Spring Framework, which stems from a...

CVSS 5.3 | AI score 5.8 | EPSS 0.00067
Exploits 0 | References 1

Positive Technologies
added 2026/04/29 12:0 a.m. | 2 views

PT-2026-35909

Name of the Vulnerable Software and Affected Versions Spring MVC affected versions not specified Spring WebFlux affected versions not specified Description Applications using Spring MVC or Spring WebFlux are susceptible to Denial of Service attacks when serving static resources from the file syst...

CVSS 5.3 | AI score 5.8 | EPSS 0.00067
Exploits 0 | References 7

CNNVD
added 2026/04/29 12:0 a.m. | 4 views

VMware Spring Framework resource management error vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. There is a resource management vulnerability in the VMware Spring Framework, where temporary files created during processing...

CVSS 6.5 | AI score 5.8 | EPSS 0.00061
Exploits 0 | References 1

Positive Technologies
added 2026/04/29 12:0 a.m. | 4 views

PT-2026-35908

Name of the Vulnerable Software and Affected Versions Spring MVC affected versions not specified Spring WebFlux affected versions not specified Description Applications using Spring MVC or Spring WebFlux are susceptible to cache poisoning during the resolution of static resources. This occurs whe...

CVSS 3.1 | AI score 5.8 | EPSS 0.00083
Exploits 0 | References 13

Github Security Blog
added 2026/04/28 3:30 p.m. | 4 views

Spring gRPC AuthenticationException messages are reflected to remote client

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 5.3 | AI score 5.8 | EPSS 0.00061
Exploits 0 | References 3 | Affected Software 1

OSV
added 2026/04/28 3:30 p.m. | 0 views

GHSA-4G9C-3X4P-MFPP Spring gRPC SecurityContext leaks across requests upon authorization failure

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 4.2 | AI score 5.8 | EPSS 0.00042
Exploits 0 | References 3

Github Security Blog
added 2026/04/28 3:30 p.m. | 3 views

Spring gRPC SecurityContext leaks across requests upon authorization failure

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 8.8 | AI score 5.8 | EPSS 0.00042
Exploits 0 | References 3 | Affected Software 1

OSV
added 2026/04/28 3:30 p.m. | 2 views

GHSA-37W2-Q6VH-45V6 Spring gRPC AuthenticationException messages are reflected to remote client

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 3.7 | AI score 5.8 | EPSS 0.00061
Exploits 0 | References 3

NVD
added 2026/04/28 3:16 p.m. | 1 views

CVE-2026-40968

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 8.8 | EPSS 0.00042
Exploits 0 | References 1

NVD
added 2026/04/28 3:16 p.m. | 2 views

CVE-2026-40969

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 5.3 | EPSS 0.00061
Exploits 0 | References 1

Cvelist
added 2026/04/28 2:54 p.m. | 24 views

CVE-2026-40969 Spring gRPC AuthenticationException message reflected to remote client

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 3.7 | EPSS 0.00061
Exploits 0 | References 1

EUVD
added 2026/04/28 2:54 p.m. | 2 views

EUVD-2026-26064

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...

CVSS 3.7 | AI score 5.3 | EPSS 0.00061
Exploits 0 | References 1

GithubExploit
added 2026/04/28 2:25 p.m. | 71 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963 — Demo Methodology ⚠️ Overview This demo s...

CVSS 9.8 | AI score 9.1 | EPSS 0.94462
Exploits 36

ATTACKERKB
added 2026/04/28 1:42 p.m. | 3 views

CVE-2026-40968

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 4.2 | AI score 5.2 | EPSS 0.00042
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2026/04/28 1:42 p.m. | 26 views

CVE-2026-40968 Spring gRPC SecurityContext leaks across requests on authorization failure

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 4.2 | EPSS 0.00042
Exploits 0 | References 1

CVE
added 2026/04/28 1:42 p.m. | 13 views

CVE-2026-40968

CVE-2026-40968 affects Spring gRPC 1.0.0–1.0.2 (fixed in 1.0.3; older/unsupported versions also affected). The issue: when an authenticated user is denied access to a gRPC method, the user’s authenticated identity remains bound to a gRPC worker thread and can be inherited by a subsequent unauthen...

CVSS 8.8 | AI score 5.2 | EPSS 0.00042
Exploits 0 | References 1 | Affected Software 1

EUVD
added 2026/04/28 1:42 p.m. | 2 views

EUVD-2026-26054

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions:...

CVSS 4.2 | AI score 5.2 | EPSS 0.00042
Exploits 0 | References 1