Lucene search
K

4 matches found

Circl
Circl
added 2026/04/17 11:20 p.m.6 views

CVE-2026-40477

creationtimestamp| type| source ---|---|--- 2026-04-17 23:20:20+00:00| published-proof-of-concept| Telegram/pKVsSWpOH4ztPjCePA6f2TZasDjFWE2MPBTfIhx3aN4UBbI 2026-04-17 23:21:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjq2uskvyj2d...

9CVSS4.8AI score0.00862EPSS
Exploits0References1
NVD
NVD
added 2026/04/17 10:16 p.m.7 views

CVE-2026-40477

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...

9CVSS0.00862EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2026/04/15 7:46 p.m.6 views

best.skn:skn-spring-mail (>=1.0.0 <=2.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.0.0 <=8.8.1) +750 more potentially affected by CVE-2026-40477 via org.thymeleaf:thymeleaf-spring6 (>=3.1.0.M1 <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring6 MAVEN version =3.1.0.M1, =1.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.6.0, =7.6.0, =7.0.0, =7.0.0, =8.8.1 and more Source cves: CVE-2026-40477 Source advisory: OSV:GHSA-R4V4-5MWR-2FWR...

9CVSS5.7AI score0.00862EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 7:46 p.m.6 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=6.10.0 <=6.10.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=6.10.0 <=6.10.5) +162 more potentially affected by CVE-2026-40477 via org.thymeleaf:thymeleaf-spring5 (>=3.0.9.RELEASE <=3.1.3.RELEASE)

org.thymeleaf:thymeleaf-spring5 MAVEN version =3.0.9.RELEASE, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =1.19.0, =v1.1, =v1.2 - cn.haoxiaoyong.ocr.email:email-msg =v1.0 and more Source cves: CVE-2026-40477 Source advisory:...

9CVSS5.4AI score0.00862EPSS
Exploits0
Rows per page
Query Builder