CVE-2026-41719: Spring Data KeyValue - SpEL Injection vulnerability in SpelPropertyComparator
A SpEL Injection vulnerability exists in Spring Data KeyValue if unsanitized user input is passed as a Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. The application is vulnerable if all conditions below are true:...
CVE-2026-40991: XML External Entity (XXE) injection when documenting untrusted XML content
When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next execute...
This Week in Spring - June 9th, 2026
Hi Spring fans! Welcome to another installment of This Week in Spring! Tons of releases coming out today and this week! So make sure you're pulling in the latest posts, as often as possible! Spring LDAP 2026.06 Releases - Contains CVE Fix Spring Framework 7.0.8 and 6.2.19 Available Now Spring...
CVE-2026-40988: Unbounded DEFLATE Inflation in SAML 2.0 Service Provider
An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory...
CVE-2026-41694: SAML Payloads Decrypted Without Valid Signature
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle...
Spring Framework Cross-site Scripting via JavaScriptUtils
Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability...
Spring Framework Open Redirect in Spring MVC and WebFlux
A Spring MVC or Spring WebFlux application which configures a mapping for "/" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Spring MVC applications with the same preconditions...
Spring Framework Security Filter Bypass in WebFlux Kotlin Router DSL
Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, any security-related modifications applied to the ServerRequest by the filt...
Spring Framework Denial of Service via AntPathMatcher
Applications may be vulnerable to a Regular Expression Denial of Service (ReDoS) attack if an attacker is able to provide a pattern which is then directly or indirectly supplied to one of the following methods in AntPathMatcher:...
Spring Framework Denial of Service via Integer Overflow in SpEL Expressions
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (SpEL). An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service (DoS). Specifically, an application i...
CVE-2026-41838: Spring Framework Predictable Session ID in WebSocket Module
IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules...
CVE-2026-41839: Spring Framework Escalation via Session Fixation in WebFlux
A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user...
CVE-2026-41720: Authentication Bypass with Empty Password in Spring LDAP
Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a bind request where a non-empty username is paired with an empty or null password. RFC 4513 Section 5.1.2 defines this as an unauthenticated bind. On LDAP servers that permit such binds, an attacker with a valid usernam...
CVE-2026-41710: Cache Exhaustion in Stateful Retries leads to Denial of Service
An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...
Spring HATEOAS Collection+JSON/UBER deserializers do not honor Jackson configuration
Spring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection+JSON and UBER media type deserializers, performs bean property binding via reflection without consulting Jackson access-control annotations. Affected applications are those that have enabled the...
CVE-2026-41840: Spring Framework Denial of Service via Multipart Requests in WebFlux
Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can send malicious multipart requests that can leak...
Spring Framework Path Traversal via Versioned Static Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can send malicious requests that can resolve files...
Spring Framework Cross-site Scripting via JSP Form Tags
Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting (XSS) vulnerability...
CVE-2026-41841: Spring Framework Information Disclosure via Static Resource Cache in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can get access to a protected resource if a...
CVE-2026-41842: Spring Framework Denial of Service via Versioned Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: When all the conditions above are met, an attacker can send malicious requests that are slow to...
Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects...
A Bootiful Podcast: JetBrains' Marit van Dijk
Hi Spring and IntelliJ IDEA fans! In this installment I talk to my friend and JetBrains Developer Advocate extraordinaire Marit van Dijk! This episode was recorded at JNation, an amazing show in Coimbra, Portugal! jetbrains java jnation...
This Week in Spring - June 2nd, 2026
Hi, Spring fans, and welcome to another momentous installment of This Week in Spring! A lot to get into this week, but let's first take some time to address the meta: where are the May releases? If you read our May 11th post, you know they've been delayed. We wanted to speak a bit more about why ...
A Bootiful Podcast: Microsoft's Martijn Verburg
Hi Spring fans! In this installment, I talk to my friend from JClarity and Microsoft fame, fellow Java champion, and Java guru Martijn Verburg ai microsoft java jclarity performance...
This Week in Spring - May 26th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in Coimbra, Portugal, where I just did my usual shtick on the latest and greatest in Spring Framework 7.x, Spring Boot 4.x, and Spring AI 2.x. It was a ton of fun, and I want to thank everybody who came out. Last week I w...
A Bootiful Podcast: Hadi Hariri, Jetbrains legend
Hi Spring and Kotlin fans! In this installment, I have the privilege of talking to my old friend and JetBrains legend Hadi Hariri, recorded live from Kotlin Conf 2026 in Munich, Germany! kotlin jvm java springboot...
This Week in Spring - May 19th, 2026
Hi Spring fans! Welcome to another installment of This Week in Spring!, this one written from the back of a taxi racing to the local Frankfurt train station, where I'll take a train to Munich for the amazing Kotlin Conf 2026 edition, where I'll be part of the keynote and deliver a talk on the...
Spring Office Hours Podcast: S5E16 - May Release Train Shift & What's Coming in Spring Boot 4.1
Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun break down the recently announced shift of the May release train from May 11-22 to June 1-5, and what that means for your upgrade planning across the Spring portfolio. They also dig...
A Bootiful Podcast: the legendary Adib Saikali
Hi, Spring fans! I'm so thrilled to have been able to sit down and talk to my friend Adib Saikali!...
This Week in Spring - May 12th, 2026
Hi, Spring fans! As I write this I am in Miami, FL at the CodeRemix.ai show, focused on the wide and wonderful world of OpenRewrite and Moderne. I've got a talk to give so let's dive right into it! a quick note about the upcoming release train dates in last week's installment of A Bootiful Podcas...
Spring Office Hours Podcast: S5E15 - Upgrading Spring and OSS Security
Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun tackle two challenges every Spring developer faces: keeping applications up to date and staying ahead of security vulnerabilities in open source dependencies. They explore how AI...
Expression injection in MilvusVectorStore doDelete allows data destruction
Spring AI's MilvusVectorStore doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs...
Unbounded cache for function definitions
An OOM error is possible while attempting to add an infinite number of functions to the Function Registry...
Self Routing guard bypassed via function composition
Under infinite recursion in the routing layer, request handling can cause an OOM error...
ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage
Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users...
A Bootiful Podcast: Daniel Garnier-Moiroux on his new book 'Testing Spring Boot Applications'
Hi Spring fans! In this installment I'm thrilled to have had the opportunity to sit down and talk to Daniel Garnier-Moiroux and talk about "Testing Spring Boot Applications," from Manning! testing springboot java kotlin springframework...
Directory Traversal with spring-cloud-config-server
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack...
Spring Cloud Config Server Logged Sensitive Information
When enabling trace logging in Spring Cloud Config Server, sensitive information was placed in plain text in the logs...
Spring Cloud Config Clients Can Access Secrets From Any Project The Config Server Has Access To On Google Secrets Manager
When using Google Secrets Manager as a backend for the Spring Cloud Config server, a client can craft a request to the config server potentially exposing secrets from unintended GCP projects...
This Week in Spring - May 5th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's May 5th, 2026, and I'm in Mainz, Germany, for the legendary JAX conference! It's been infinitely far too long since I've been at this amazing show, and I'm oh-so happy to be back here! Tonight, after my two talks here, I...
Spring Office Hours Podcast: S5E14 - Spec Driven Development with Simon Martinelli
Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun are joined by Java Champion, Vaadin Champion, and Oracle ACE Pro Simon Martinelli to talk about Spec-Driven Development. With AI reshaping how we write code, Simon makes the case th...
Ronald Dehuysser, founder of JobRunr, on their ambitious new JavaClaw-like agent runtime
Hi Spring fans! In this installment, I talk to my friend and JobRunr founder Ronald Dehuysser about the latest and greatest, and their new "JavaClaw" project!...
Spring gRPC SecurityContext leaks across requests on authorization failure
When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions...
Spring gRPC AuthenticationException message reflected to remote client
The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks...
This Week in Spring - April 28th, 2026
Hi Spring fans! Welcome to another installment of This Week in Spring! As I write this, I'm on PTO in beautiful Santorini, Greece, catching up on some news and about to cruise the islands for some sightseeing. There's nothing quite like springtime in the Mediterranean! I couldn't dream of enjoyin...
VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users' chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input ...
SQL Injection in CosmosDBVectorStore.doDelete()
SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Only applications that use CosmosDBVectorStore and pass user-supplied input as document IDs are affected...
VectorStore FilterExpression Converter injection
In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Only applications that use...
OOM by attacker-controlled PDF
In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by ForkPDFLayoutTextStripper. Only applications that use ForkPDFLayoutTextStripper and pass user-supplied input to DocumentReaders are affected...
ONNX model cache defaults to world-writable predictable /tmp directory
In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Only applications that use TransformersEmbeddingModel and have the cache enabled, using the default location, are affected...