CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

249 matches found

Spring Engineering•added 2026/05/26 12:0 a.m.•7 views

This Week in Spring - May 26th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in Coimbra, Portugal, where I just did my usual shtick on the latest and greatest in Spring Framework 7.x, Spring Boot 4.x, and Spring AI 2.x. It was a ton of fun, and I want to thank everybody who came out. Last week I w...

5.8AI score

Exploits0

Spring Engineering•added 2026/05/21 12:0 a.m.•3 views

A Bootiful Podcast: Hadi Hariri, Jetbrains legend

Hi Spring and Kotlin fans! In this installment, I have the privilege of talking to my old friend and JetBrains legend Hadi Hariri, recorded live from Kotlin Conf 2026 in Munich, Germany! kotlin jvm java springboot...

5.8AI score

Exploits0

Packet Storm News•added 2026/05/12 12:0 a.m.•4 views

VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection

Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics required for accurate detection. Recent Large Language...

5.9AI score

Exploits0

Spring Engineering•added 2026/05/07 12:0 a.m.•10 views

A Bootiful Podcast: Daniel Garnier-Moiroux on his new book 'Testing Spring Boot Applications'

Hi Spring fans! In this installment I'm thrilled to have had the opportunity to sit down and talk to Daniel Garnier-Moiroux and talk about "Testing Spring Boot Applications," from Manning! testing springboot java kotlin springframework...

5.8AI score

Exploits0

vulnersOsv•added 2026/04/29 12:33 p.m.•11 views

ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1788 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)

org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22741 Source advisory: OSV:GHSA-WG35-8JPF-2XV3...

3.1CVSS5.8AI score0.00083EPSS

Exploits0

Spring Engineering•added 2026/04/23 12:0 a.m.•3 views

A Bootiful Podcast: A Bootiful Podcast: Dr. Venkat Subramaniam and James Ward on Intelligent Kotlin and So Much More

I am beyond thrilled that I got to co-present with two legends, Dr. Venkat Subramaniam and James Ward, at Voxxed Days Amsterdam, and even more so that they both sat down for a quick discussion with me right before that presentation. Enjoy!...

5.8AI score

Exploits0

Spring Engineering•added 2026/04/07 12:0 a.m.•4 views

This Week in Spring - April 7th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! It's April 7th, 2026, and I'm on the road! I started the journey for the amazing Voxxed Days Amsterdam show and am now winding my way through France. I visited Colmar, a beautiful city from which the animators on Disney's Beau...

5.8AI score

Exploits0

Packet Storm News•added 2026/04/01 12:0 a.m.•0 views

Enhancing REST API Fuzzing with Access Policy Violation Checks and Injection Attacks

Due to their widespread use in industry, several techniques have been proposed in the literature to fuzz REST APIs. Existing fuzzers for REST APIs have been focusing on detecting crashes e.g., 500 HTTP server error status code. However, security vulnerabilities can have major drastic consequences...

6AI score

Exploits0

vulnersOsv•added 2026/03/26 6:49 p.m.•7 views

at.aimit.mariella:persistence-kotlin (>=1.0.5 <=1.0.8), cloud.piranha.http:piranha-http-netty (>=25.4.0 <=25.5.0) +281 more potentially affected by CVE-2026-33871 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.0.RC4)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =1.0.5, =25.4.0, =25.4.0, =7.9.0, =0.2.2, =0.2.4 - com.hexagontk.http:httpservernetty =4.1.1 - com.hexagontk.http:httpservernettyepoll =4.1.1 - com.inqwise:inqwise-context =1.0.0 - com.inqwise:inqwise-neo4j-client =1.0.0 and more Source cves...

8.7CVSS7.2AI score0.00038EPSS

Exploits0

Spring Engineering•added 2026/03/10 12:0 a.m.•5 views

This Week in Spring - March 10th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring. As I write this, I am preparing for a trip to Rust, Germany, for one of the best Java conferences in Europe: JavaLand, along with its new companion event, DevLand. It should be fun. Will you be around? If so, say hi. We have ...

5.8AI score

Exploits0

IBM Security Bulletins•added 2026/03/09 2:42 p.m.•5 views

Security Bulletin: Due to the use of JetBrains Kotlin, IBM webMethods BPM is vulnerable to the use of Java API for temporary file and folder creation

Summary IBM webMethods BPM uses JetBrains Kotlin which is vulnerable to the use of Java API for temporary file and folder creation. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An...

5.3CVSS5.8AI score0.00004EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/02/17 4:35 a.m.•5 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to kotlin-stdlib

Summary IBM webMethods BPM uses kotlin-stdlib in all Kotlin-based modules to provide core Kotlin language support and runtime utilities. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation...

5.3CVSS8.4AI score0.00004EPSS

Exploits0Affected Software1

Spring Engineering•added 2026/01/26 12:0 a.m.•6 views

This Week in Spring - January 26th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast ,...

5.9AI score

Exploits0

Spring Engineering•added 2025/12/23 12:0 a.m.•7 views

This Week in Spring – December 23rd, 2025

Happy holidays, everyone! The year may be winding down, but the Spring ecosystem continues unabated. We’re now a few weeks past the generational Spring Boot 4.0 release in November, and there have been tons of releases and patches since then. There’s also equal excitement reflected in posts from...

6.8AI score

Exploits0

Spring Engineering•added 2025/12/18 12:0 a.m.•3 views

Next level Kotlin support in Spring Boot 4

Following the announcement of the strategic partnership between JetBrains and Spring in May, I would like to share a global update on various Kotlin-related features and documentation enhancements we have made recently, with the goal of making Spring Boot 4 the best framework to develop backend...

7AI score

Exploits0

vulnersOsv•added 2025/12/15 11:28 p.m.•10 views

ai.catboost:catboost-spark_4.1_2.13 (=1.2.10), ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0) +3815 more potentially affected by CVE-2025-67735 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.7.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =25.9.0, =26.3.1 and more Source cves: CVE-2025-67735 Source advisory: SNYK:JAVA-IONETTY-14423947...

6.5CVSS6.7AI score0.00024EPSS

Exploits1

Spring Engineering•added 2025/12/09 12:0 a.m.•5 views

This Week in Spring - December 9th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! I am in lovely New Jersey, the Garden State , as I write this and I spent most of the last week in New Orleans. It's been a busy week in the Spring community and beyond and so you know what that means? There's a ton of stuff ...

6.8AI score

Exploits0