CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2026/06/10 12:31 a.m.•6 views

EUVD-2026-35900

Spring Data MongoDB contains a SpEL Spring Expression Language expression injection vulnerability. The issue occurs during parameter binding when a user-defined repository query method is annotated with @Query and utilizes a capture-all placeholder. Affected versions: Spring Data MongoDB 5.0.0...

8.1CVSS5.5AI score0.00306EPSS

Exploits0References2

CNNVD•added 2026/06/10 12:0 a.m.•5 views

VMware Spring Data MongoDB 安全漏洞

VMware Spring Data MongoDB is a MongoDB data access framework developed by the American company VMware. There is a security vulnerability in VMware Spring Data MongoDB, which stems from insufficient validation of bound parameters in repository query methods using the @Query annotation and regular...

5.9CVSS5.3AI score0.00257EPSS

Exploits0References1

CNNVD•added 2026/06/10 12:0 a.m.•8 views

VMware Spring Data MongoDB 安全漏洞

VMware Spring Data MongoDB is a MongoDB data access framework developed by the American company VMware. There are security vulnerabilities in VMware Spring Data MongoDB versions 5.0.0 and earlier, as well as versions 4.5.0 and earlier, 4.4.0 and earlier, 4.3.0 and earlier, 4.2.0 and earlier, 4.1....

8.1CVSS5.4AI score0.00306EPSS

Exploits0References1

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-48319

Name of the Vulnerable Software and Affected Versions Spring Data MongoDB versions 5.0.0 through 5.0.5 Spring Data MongoDB versions 4.5.0 through 4.5.11 Spring Data MongoDB versions 4.4.0 through 4.4.14 Spring Data MongoDB versions 4.3.0 through 4.3.16 Spring Data MongoDB versions 4.2.0 through...

8.1CVSS6.3AI score0.00306EPSS

Exploits0References3

GithubExploit•added 2022/07/13 2:7 p.m.•8 views

Exploit for Expression Language Injection in Vmware Spring_Data_Mongodb

Springcve-2022-22980 spring data mongodb remote code executio...

9.8CVSS9AI score0.13925EPSS

Exploits3

CNNVD•added 2022/06/23 12:0 a.m.•7 views

Spring Data MongoDB 安全漏洞

Spring Framework is the U.S. Spring team of a set of open source Java, JavaEE application framework. The framework helps developers build high-quality applications. A security vulnerability exists in Spring Data MongoDB that stems from vulnerability to SpEL injection when using @Query or...

9.8CVSS8AI score0.13925EPSS

Exploits3References3

Github Security Blog•added 2022/05/17 2:37 a.m.•31 views

Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

6.8CVSS5.8AI score0.00822EPSS

Exploits1References7Affected Software1

NVD•added 2016/10/05 4:59 p.m.•20 views

CVE-2016-6652

6.8CVSS6.3AI score0.00822EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by