CVE-2026-22751
The CVE-2026-22751 entry concerns a TOCTOU race condition in Spring Security when applications explicitly configure One-Time Token login with JdbcOneTimeTokenService. Affected versions are Spring Security 6.4.0–6.4.15, 6.5.0–6.5.9, and 7.0.0–7.0.4. The vulnerability description (from the connecte...