| # | CVSS | Severity | Attack vector | Vendor | Products | Description | Status | CWE | CVE | Last updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 621 | 4.8 | MEDIUM | Network | - | - | Wss4jSecurityInterceptor defaulted allowRSA15KeyTransportAlgorithm to true, overriding Apache WSS4J's safer default for validation RequestData. Inbound WS-Security decryption could therefore accept R… | New | CWE-327 Use of a Broken or Risky Cryptographic Algorithm | CVE-2026-40996 | 2026-06-12 00:21 | 2026-06-11 |
| 622 | 5.3 | MEDIUM | Network | - | - | Several Spring WS integration paths with Spring Security could surface detailed account state (for example locked or disabled user semantics) to remote SOAP clients through exception messages or call… | New | CWE-209 Information Exposure Through an Error Message | CVE-2026-40997 | 2026-06-12 00:21 | 2026-06-11 |
| 623 | 8.2 | HIGH | Network | - | - | Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource inputs using a code path that parsed attacker-controlled XML with the JDK's default DocumentBuilderFactory behavior inst… | New | CWE-611 XXE | CVE-2026-40998 | 2026-06-12 00:21 | 2026-06-11 |
| 624 | 8.6 | HIGH | Network | - | - | When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken dire… | New | CWE-918 Server-Side Request Forgery (SSRF) | CVE-2026-40999 | 2026-06-12 00:21 | 2026-06-11 |
| 625 | 3.7 | LOW | Network | - | - | Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and … | New | CWE-294 Authentication Bypass by Capture-replay | CVE-2026-41000 | 2026-06-12 00:21 | 2026-06-11 |
| 626 | 5.3 | MEDIUM | Local | - | - | Spring Boot's ArtemisEmbeddedConfigurationFactory uses a fixed, static path for the embedded Artemis message broker's data directory when no explicit path is configured. A local attacker on the same … | New | CWE-377 Insecure Temporary File | CVE-2026-41001 | 2026-06-12 00:21 | 2026-06-11 |
| 627 | 8.1 | HIGH | Network | - | - | Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Exec… | New | CWE-502 Deserialization of Untrusted Data | CVE-2026-41699 | 2026-06-12 00:21 | 2026-06-11 |
| 628 | 7.8 | HIGH | Local | microsoft | windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2012 windows_server_2016 w… | Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally. | Update | CWE-190 Integer Overflow or Wraparound; CWE-416 Use After Free | CVE-2026-45592 | 2026-06-12 00:21 | 2026-06-10 |
| 629 | 8.8 | HIGH | Network | - | - | Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when clon… | New | CWE-22 Path Traversal | CVE-2026-42305 | 2026-06-12 00:21 | 2026-06-11 |
| 630 | - | - | - | - | - | Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, Dulwich's `ProcessMergeDriver` substitutes the file path (from th… | New | CWE-78 OS Command | CVE-2026-42563 | 2026-06-12 00:21 | 2026-06-11 |