Lucene search
K

7316 matches found

OSV
OSV
added 2026/06/22 12:34 p.m.10 views

ROOT-APP-MAVEN-CVE-2026-22740 CVE-2026-22740 in io.root.org.springframework:spring-webflux - Patched by Root

Root has patched CVE-2026-22740 in the io.root.org.springframework:spring-webflux package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.4AI score0.00344EPSS
Exploits0
OSV
OSV
added 2026/06/22 12:34 p.m.6 views

ROOT-APP-MAVEN-CVE-2025-41254 CVE-2025-41254 in io.root.org.springframework:spring-websocket - Patched by Root

Root has patched CVE-2025-41254 in the io.root.org.springframework:spring-websocket package for Root:Maven. Multiple fixed versions available...

4.3CVSS5.3AI score0.00286EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2026/06/21 12:0 a.m.26 views

MongoDB-backed Spring Batch jobs and more in Spring Boot 4.1

Spring Batch was introduced many years before MongoDB existed, and its design assumed the presence of a SQL database in which to store the state of Spring Batch jobs. But that was decades ago, and a common question for anyone new to Spring Batch was, "Why does this thing need to talk to a SQL...

6.1AI score
Exploits0
Nuclei
Nuclei
added 2026/06/19 11:10 a.m.89 views

Spring - Remote Code Execution

Spring MVC and Spring WebFlux applications running on Java Development Kit 9+ are susceptible to remote code execution via data binding. It requires the application to run on Tomcat as a WAR deployment. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full...

9.8CVSS7.7AI score0.99677EPSS
Exploits100References6
OSV
OSV
added 2026/06/18 12:0 p.m.9 views

ROOT-APP-MAVEN-CVE-2026-22751 CVE-2026-22751 in io.root.org.springframework.security:spring-security-core - Patched by Root

Root has patched CVE-2026-22751 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...

4.8CVSS5.4AI score0.00124EPSS
Exploits0
OSV
OSV
added 2026/06/18 12:0 p.m.11 views

ROOT-APP-MAVEN-CVE-2026-22748 CVE-2026-22748 in io.root.org.springframework.security:spring-security-oauth2-jose - Patched by Root

Root has patched CVE-2026-22748 in the io.root.org.springframework.security:spring-security-oauth2-jose package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.8AI score0.00203EPSS
Exploits0
OSV
OSV
added 2026/06/18 11:18 a.m.8 views

ROOT-APP-MAVEN-CVE-2024-38821 CVE-2024-38821 in io.root.org.springframework.security:spring-security-web - Patched by Root

Root has patched CVE-2024-38821 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available...

9.1CVSS7.4AI score0.01726EPSS
Exploits2
OSV
OSV
added 2026/06/18 11:18 a.m.7 views

ROOT-APP-MAVEN-CVE-2025-22228 CVE-2025-22228 in io.root.org.springframework.security:spring-security-crypto - Patched by Root

Root has patched CVE-2025-22228 in the io.root.org.springframework.security:spring-security-crypto package for Root:Maven. Multiple fixed versions available...

7.4CVSS7.5AI score0.00568EPSS
Exploits0
OSV
OSV
added 2026/06/18 11:18 a.m.13 views

ROOT-APP-MAVEN-CVE-2026-22732 CVE-2026-22732 in io.root.org.springframework.security:spring-security-web - Patched by Root

Root has patched CVE-2026-22732 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available...

9.1CVSS5.8AI score0.0048EPSS
Exploits2
OSV
OSV
added 2026/06/18 11:8 a.m.11 views

ROOT-APP-MAVEN-CVE-2024-22234 CVE-2024-22234 in io.root.org.springframework.security:spring-security-core - Patched by Root

Root has patched CVE-2024-22234 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...

7.4CVSS7.5AI score0.00682EPSS
Exploits0
OSV
OSV
added 2026/06/18 10:18 a.m.12 views

ROOT-APP-MAVEN-CVE-2023-20862 CVE-2023-20862 in io.root.org.springframework.security:spring-security-core - Patched by Root

Root has patched CVE-2023-20862 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...

6.3CVSS6.7AI score0.00648EPSS
Exploits0
OSV
OSV
added 2026/06/18 10:6 a.m.8 views

ROOT-APP-MAVEN-AIKIDO-2026-11158 AIKIDO-2026-11158 in io.root.org.springframework:spring-core - Patched by Root

Root has patched AIKIDO-2026-11158 in the io.root.org.springframework:spring-core package for Root:Maven. Multiple fixed versions available...

5.3AI score
Exploits0
OSV
OSV
added 2026/06/18 9:50 a.m.14 views

ROOT-APP-MAVEN-CVE-2025-22235 CVE-2025-22235 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2025-22235 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

7.3CVSS7.3AI score0.00358EPSS
Exploits0
OSV
OSV
added 2026/06/18 9:50 a.m.5 views

ROOT-APP-MAVEN-CVE-2026-22733 CVE-2026-22733 in io.root.org.springframework.boot:spring-boot-starter-actuator - Patched by Root

Root has patched CVE-2026-22733 in the io.root.org.springframework.boot:spring-boot-starter-actuator package for Root:Maven. Multiple fixed versions available...

8.2CVSS5.2AI score0.0036EPSS
Exploits0
OSV
OSV
added 2026/06/18 9:50 a.m.9 views

ROOT-APP-MAVEN-CVE-2024-38807 CVE-2024-38807 in io.root.org.springframework.boot:spring-boot-loader - Patched by Root

Root has patched CVE-2024-38807 in the io.root.org.springframework.boot:spring-boot-loader package for Root:Maven. Multiple fixed versions available...

6.3CVSS7.3AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/06/18 9:49 a.m.5 views

ROOT-APP-MAVEN-CVE-2026-22731 CVE-2026-22731 in io.root.org.springframework.boot:spring-boot-starter-actuator - Patched by Root

Root has patched CVE-2026-22731 in the io.root.org.springframework.boot:spring-boot-starter-actuator package for Root:Maven. Multiple fixed versions available...

8.2CVSS5.2AI score0.00334EPSS
Exploits0
OSV
OSV
added 2026/06/18 9:47 a.m.11 views

ROOT-APP-MAVEN-CVE-2023-20883 CVE-2023-20883 in io.root.org.springframework.boot:spring-boot-autoconfigure - Patched by Root

Root has patched CVE-2023-20883 in the io.root.org.springframework.boot:spring-boot-autoconfigure package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00904EPSS
Exploits0
OSV
OSV
added 2026/06/18 9:36 a.m.12 views

ROOT-APP-MAVEN-CVE-2026-40972 CVE-2026-40972 in io.root.org.springframework.boot:spring-boot-devtools - Patched by Root

Root has patched CVE-2026-40972 in the io.root.org.springframework.boot:spring-boot-devtools package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00262EPSS
Exploits0
Veracode
Veracode
added 2026/06/18 7:54 a.m.60 views

NoSQL Injection

Spring Data MongoDB is vulnerable to NoSQL Injection. The vulnerability is due to insufficient validation of parameters bound to regular expressions in @Query-annotated repository methods, where attacker-controlled input can break out of the intended regex quoting e.g., ^\Q?0\E$ and manipulate...

5.9CVSS5.3AI score0.00262EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2026/06/18 6:50 a.m.8 views

Authorization Bypass

Spring Data REST is vulnerable to Authorization Bypass. The vulnerability is due to improper enforcement of write-access restrictions in the JSON Patch application/json-patch+json implementation, where intermediate path segments in multi-segment JSON Pointer expressions are not subjected to...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder