| # | CVSS | Severity | Vector |  |  | Description | Status | CWE | CVE | Published | Updated |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 441 | 3.7 | LOW | Network | - | - | Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloa… | New | CWE-347 (Improper Verification of Cryptographic Signature) | CVE-2026-41694 | 2026-06-10 09:16 | 2026-06-10 |
| 442 | 6.1 | MEDIUM | Network | - | - | Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker can craft a malicious authorization request containing an inva… | New | CWE-601 (Open Redirect) | CVE-2026-41008 | 2026-06-10 09:16 | 2026-06-10 |
| 443 | 7.6 | HIGH | Network | - | - | An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 throug… | New | CWE-79 (Cross-site Scripting) | CVE-2026-41003 | 2026-06-10 09:16 | 2026-06-10 |
| 444 | 7.3 | HIGH | Adjacent | - | - | An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) may be able to store malicious serialized payloads in the col… | New | CWE-502 (Deserialization of Untrusted Data) | CVE-2026-40993 | 2026-06-10 09:16 | 2026-06-10 |
| 445 | 5.9 | MEDIUM | Network | - | - | When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a maliciou… | New | CWE-611 (XXE) | CVE-2026-40991 | 2026-06-10 09:16 | 2026-06-10 |
| 446 | 7.5 | HIGH | Network | - | - | An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates … | New | CWE-400 (Uncontrolled Resource Consumption) | CVE-2026-40988 | 2026-06-10 09:16 | 2026-06-10 |
| 447 | 6.5 | MEDIUM | Network | - | - | An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command | New | CWE-457 (Use of Uninitialized Variable) | CVE-2026-9754 | 2026-06-10 08:17 | 2026-06-10 |
| 448 | 8.1 | HIGH | Network | - | - | The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $_internalApply… | New | CWE-1287 (Improper Validation of Specified Type of Input) | CVE-2026-9753 | 2026-06-10 08:17 | 2026-06-10 |
| 449 | 6.5 | MEDIUM | Network | - | - | An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-wi… | New | CWE-476 (NULL Pointer Dereference) | CVE-2026-9752 | 2026-06-10 08:17 | 2026-06-10 |
| 450 | 5.5 | MEDIUM | Local | - | - | The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text. | New | CWE-532 (Inclusion of Sensitive Information in Log Files) | CVE-2026-9751 | 2026-06-10 08:17 | 2026-06-10 |