HIGH | MARCH 17, 2026 | CVE-2026-22729
Description A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is…
HIGH | MARCH 17, 2026 | CVE-2026-22730
Description A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization…
MEDIUM | JANUARY 13, 2026 | CVE-2026-22718
Description The following versions of the VSCode extension for Spring CLI are vulnerable to command injection, resulting in command execution on the user's machine. The extension reached EOL on May 14, 2025, but upon receiving the CVE we realized that we could…
MEDIUM | OCTOBER 16, 2025 | CVE-2025-41254
Description STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and Versions Spring Framework: 6.2.0 - 6.2.11 6.1.0 - 6.1.23 6.0.x - 6.0.29 5.3.0 - 5.3.4…
MODERATE | OCTOBER 15, 2025 | CVE-2025-41253
Description The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The…
MEDIUM | SEPTEMBER 15, 2025 | CVE-2025-41248
Description The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method…
MEDIUM | SEPTEMBER 15, 2025 | CVE-2025-41249
Description The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for…
CRITICAL | SEPTEMBER 08, 2025 | CVE-2025-41243
Description The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud…
MEDIUM | AUGUST 14, 2025 | CVE-2025-41242
Description Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or…
MEDIUM | JULY 15, 2025 | CVE-2025-22227
Description In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected Spring Products and Versions Reactor…