Lucene search
K

358 matches found

EUVD
EUVD
added 2026/06/09 3:50 a.m.12 views

EUVD-2026-35327

Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...

5.9CVSS5.4AI score0.00247EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 a.m.8 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48...

5.9CVSS5.8AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 3:50 a.m.43 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48...

5.9CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:50 a.m.82 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service when processing multipart requests. Affected: Spring Framework 7.0.0–7.0.7; 6.2.0–6.2.18; 6.1.0–6.1.27; 5.3.0–5.3.48. CVSSv3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (base score 5.9, MEDIUM). Exploitation details are not provided in th...

5.9CVSS5.8AI score0.00247EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/06/09 3:50 a.m.8 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48...

5.9CVSS5.8AI score0.00247EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 3:49 a.m.11 views

EUVD-2026-35326

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

4.2CVSS5.2AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 3:49 a.m.39 views

CVE-2026-41839 Spring Framework Escalation via Session Fixation in WebFlux

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

4.2CVSS0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 3:49 a.m.7 views

CVE-2026-41839 Spring Framework Escalation via Session Fixation in WebFlux

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

4.2CVSS5.2AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:49 a.m.58 views

CVE-2026-41839

The CVE-2026-41839 affects Spring Framework WebFlux. A WebFlux application with a compromised subdomain (e.g., via XSS) is vulnerable to an escalation attack that exchanges a known session ID for that of an authenticated user. Affected versions are: Spring Framework 7.0.0–7.0.7; 6.2.0–6.2.18; 6.1...

4.2CVSS5.2AI score0.00197EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/09 3:49 a.m.9 views

CVE-2026-41839

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

4.2CVSS5.2AI score0.00197EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47658

Name of the Vulnerable Software and Affected Versions Spring Framework versions 5.3.0 through 5.3.48 Description Spring WebFlux applications may be subject to a security bypass when utilizing the Kotlin Router DSL. Recommendations At the moment, there is no information about a newer version that...

5.3CVSS5.2AI score0.00166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47650

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description A WebFlux application with a compromised...

4.2CVSS5.6AI score0.00197EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Spring Framework 环境问题漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions of the Spring Framework such as 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier have environmental vulnerabilities. These vulnerabilities stem from the fact tha...

5.3CVSS5.4AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47653

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Spring MVC and WebFlux applications are...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-47652

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Spring MVC and WebFlux applications are...

5.9CVSS5.5AI score0.00313EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-41839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a know...

4.2CVSS5.4AI score0.00197EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Spring Framework 授权问题漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the Spring Framework contain authorization vulnerabilities. These vulnerabilities stem from the WebFlux application,...

4.2CVSS5.3AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47651

Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Spring WebFlux applications are susceptible ...

5.9CVSS5.8AI score0.00247EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-41840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 throug...

5.9CVSS5.9AI score0.00247EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2026/06/08 12:0 a.m.6 views

CVE-2026-41842: Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux

Spring MVC and WebFlux applications are vulnerable to Denial of Service DoS attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can send malicious requests that are slow to...

7.5CVSS5.3AI score0.00399EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder