Lucene search
K

1224 matches found

NVD
NVD
added 2026/06/10 12:16 a.m.18 views

CVE-2026-41706

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

6.1CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.16 views

CVE-2026-40993

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2assertingpartymetadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verificationcredentials and...

7.3CVSS0.00198EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.15 views

CVE-2026-41003

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS0.00204EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.15 views

CVE-2026-41008

Spring Security Authorization Server's authorization endpoint performs insufficient validation of the requesturi parameter. An attacker can craft a malicious authorization request containing an invalid requesturi and an arbitrary, unvalidated redirecturi, which can lead to an Open Redirect...

6.1CVSS0.00172EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.19 views

CVE-2026-41694

Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...

5.3CVSS0.00137EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 12:16 a.m.19 views

CVE-2026-40988

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23;...

7.5CVSS0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.27 views

VMware Spring Security 代码问题漏洞

VMware Spring Security is a security framework provided by the American company VMware, designed to provide descriptive security protection for Spring-based applications. Versions of VMware Spring Security from 7.0.0 to 7.0.5 have code vulnerabilities. These vulnerabilities stem from attackers wh...

7.3CVSS5.5AI score0.00198EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

Spring Security 跨站脚本漏洞

VMware Spring Security is a security framework provided by the American company VMware, designed to provide descriptive security protection for Spring-based applications. VMware Spring Security has a cross-site scripting vulnerability, which allows attackers to manipulate values within...

7.6CVSS6.2AI score0.00204EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

Spring Security 授权问题漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Vulnerabilities related to authorization exist in versions 5.7.0 to 5.7.24, 5.8.0 to 5.8.26, 6.3.0 to 6.3.17, 6.4.0 to 6.4.17, and 6.5.0 to 6.5.10 of Spring Security...

8.1CVSS5.4AI score0.00116EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 12:0 a.m.8 views

Replay Attack

Overview Affected versions of this package are vulnerable to Replay Attack due to the Wss4jSecurityInterceptor class in Wss4jSecurityInterceptor.java not consistently wiring configured Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, replay protections...

6.3CVSS5.4AI score0.00223EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 12:0 a.m.7 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure due to the Spring Security integration paths in SpringSecurityUtils.checkUserValidity, SpringSecurityPasswordValidationCallbackHandler, and X509AuthenticationProvider, which surface account status exceptions such as...

6.9CVSS5.4AI score0.00366EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Spring Security 输入验证错误漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Spring Security has a vulnerability related to input validation. This vulnerability arises from the use of CookieRequestCache and CookieServerRequestCache, which store...

6.1CVSS5.4AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.11 views

Spring Security 加密问题漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Spring Security has a data manipulation vulnerability, which stems from SAML decryption of SAML responses, as well as SAML logout requests and logout responses whose...

5.3CVSS5.8AI score0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

VMware Spring Security和Spring Authorization Server 输入验证错误漏洞

VMware Spring Security and Spring Authorization Server are both products of the American company VMware. VMware Spring Security is a security framework designed to provide descriptive security protections for Spring-based applications. Spring Authorization Server is a framework used to build secu...

6.1CVSS5.4AI score0.00172EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

spring security 资源管理错误漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. There is a resource management vulnerability in Spring Security. This vulnerability arises from the use of spring-security-saml2-service-provider and REDIRECT when...

7.5CVSS5.9AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:50 p.m.89 views

CVE-2026-47838

Spring Security CVE-2026-47838 involves the SubjectDnX509PrincipalExtractor and malformed X.509 CN values, causing the extracted username to be read incorrectly and potentially allowing an attacker to impersonate another user. Affected versions include Spring Security 5.7.0–5.7.24; 5.8.0–5.8.26; ...

8.1CVSS5.5AI score0.00116EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 11:50 p.m.43 views

CVE-2026-47838 Unauthorized User Impersonation when Using X.509 Client Certificates

SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....

6.8CVSS0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:50 p.m.8 views

CVE-2026-47838 Unauthorized User Impersonation when Using X.509 Client Certificates

SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....

6.8CVSS5.4AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 11:47 p.m.34 views

CVE-2026-41706 Open Redirect When Using CookieRequestCache

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

6.1CVSS0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 11:47 p.m.10 views

CVE-2026-41706 Open Redirect When Using CookieRequestCache

Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...

6.1CVSS5.5AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder