Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreThis page lists Spring advisories.
To report a security vulnerability for a project within the Spring portfolio, see the Security Policy
| Severity | CVE ID | Project | Published | Fix Version |
|---|---|---|---|---|
| HIGH | CVE-2026-47835 | Spring AI | June 12, 2026 | 2 versions |
| HIGH | CVE-2026-41708 | Spring Cloud Sleuth | June 11, 2026 | 1 version |
| HIGH | CVE-2026-41862 | Spring Statemachine | June 11, 2026 | 3 versions |
| HIGH | CVE-2026-47825 | Spring Cloud Gateway | June 11, 2026 | 7 versions |
| MEDIUM | CVE-2026-40985 | Spring Web Flow | June 10, 2026 | 5 versions |
| MEDIUM | CVE-2026-40986 | Spring Web Flow | June 10, 2026 | 5 versions |
| HIGH | CVE-2026-40987 | Spring Integration | June 10, 2026 | 7 versions |
| HIGH | CVE-2026-40994 | Spring Web Services | June 10, 2026 | 6 versions |
| MEDIUM | CVE-2026-40995 | Spring Web Services | June 10, 2026 | 6 versions |
| MEDIUM | CVE-2026-40996 | Spring Web Services | June 10, 2026 | 6 versions |
| HIGH | CVE-2026-40998 | Spring Web Services | June 10, 2026 | 6 versions |
| MEDIUM | CVE-2026-40997 | Spring Web Services | June 10, 2026 | 6 versions |
| MEDIUM | CVE-2026-41001 | Spring Boot | June 10, 2026 | 7 versions |
| LOW | CVE-2026-41000 | Spring Web Services | June 10, 2026 | 6 versions |
| HIGH | CVE-2026-40999 | Spring Web Services | June 10, 2026 | 6 versions |
| MEDIUM | CVE-2026-40992 | Spring Boot | June 10, 2026 | 5 versions |
| HIGH | CVE-2026-41699 | Spring for GraphQL | June 10, 2026 | 5 versions |
| HIGH | CVE-2026-41700 | Spring for GraphQL | June 10, 2026 | 6 versions |
| HIGH | CVE-2026-41856 | Spring for GraphQL | June 10, 2026 | 6 versions |
| HIGH | CVE-2026-40988 | Spring Security | June 09, 2026 | 8 versions |
| MEDIUM | CVE-2026-40991 | Spring REST Docs | June 09, 2026 | 5 versions |
| HIGH | CVE-2026-40993 | Spring Security | June 09, 2026 | 2 versions |
| HIGH | CVE-2026-41003 | Spring Security | June 09, 2026 | 8 versions |
| HIGH | CVE-2026-41695 | Spring Data Commons | June 09, 2026 | 5 versions |
| MEDIUM | CVE-2026-41008 | Spring Security | June 09, 2026 | 4 versions |