Lucene search
K

4 matches found

NVD
NVD
added 2026/06/11 7:16 a.m.13 views

CVE-2026-41856

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 5:5 a.m.9 views

CVE-2026-41856 Spring GraphQL Annotation Detection Vulnerability

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS5.4AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:5 a.m.29 views

CVE-2026-41856 Spring GraphQL Annotation Detection Vulnerability

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS0.00352EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 12:0 a.m.8 views

Incorrect Authorization

Overview org.springframework.graphql:spring-graphql is a GraphQL Support for Spring Applications Affected versions of this package are vulnerable to Incorrect Authorization via annotation resolution for @Controller data fetchers in Spring GraphQL. An attacker can bypass authorization checks when...

8.3CVSS5.3AI score0.00352EPSS
Exploits0References2
Rows per page
Query Builder