Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Talk to Our Experts
Get Pricing
Codey gradient
Filter by Severity
Filter by Technology
Filter by Category
Filtering by:
Severity
=
Text for Severity
Close icon
Clear Filters
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
Medium
Open in new tab icon
CVE-2026-41730
Spring
Spring Data REST
Information Exposure
>=3.5.0 <=3.5.12, >=3.7.0 <=3.7.19, >=4.2.0 <=4.2.12, >=4.3.0 <=4.3.16, >=4.4.0 <=4.4.14, >=4.5.0 <=4.5.11, >=5.0.0 <=5.0.5
Jun 16, 2026
High
Open in new tab icon
CVE-2026-41729
Spring
Spring Data REST
Remote Code Execution
>=3.5.0 <=3.5.12, >=3.7.0 <=3.7.19, >=4.2.0 <=4.2.12, >=4.3.0 <=4.3.16, >=4.4.0 <=4.4.14, >=4.5.0 <=4.5.11, >=5.0.0 <=5.0.5
Jun 16, 2026
High
Open in new tab icon
CVE-2026-41728
Spring
Spring Data REST
Authorization Bypass
>=3.5.0 <=3.5.12, >=3.7.0 <=3.7.19, >=4.2.0 <=4.2.12, >=4.3.0 <=4.3.16, >=4.4.0 <=4.4.14, >=4.5.0 <=4.5.11, >=5.0.0 <=5.0.5
Jun 16, 2026
Medium
Open in new tab icon
CVE-2026-41711
Spring
Spring Data Commons
Denial of Service
>=2.5.0 <=2.5.12, >=2.7.0 <=2.7.19, >=3.0.0 <=3.0.15, >=3.1.0 <=3.1.14, >=3.2.0 <=3.2.15, >=3.3.0 <=3.3.16, >=3.4.0 <=3.4.14, >=3.5.0 <=3.5.11, >=4.0.0 <=4.0.5
Jun 16, 2026
High
Open in new tab icon
CVE-2026-41708
Spring
Spring Cloud Sleuth
Denial of Service
>=3.1.0 <=3.1.13
Jun 16, 2026
Medium
Open in new tab icon
CVE-2026-41706
Spring
Spring Security
Content Spoofing
>=5.4.0 <=5.5.8, >=5.7.0 <=5.7.23, >=5.8.0 <=5.8.25, >=6.2.0 <=6.2.8, >=6.3.0 <=6.3.16, >=6.4.0 <=6.4.16, >=6.5.0 <=6.5.10, >=7.0.0 <=7.0.5
Jun 16, 2026
High
Open in new tab icon
CVE-2026-41695
Spring
Spring Data Commons
Denial of Service
>=3.4.0 <=3.4.14, >=3.5.0 <=3.5.11, >=4.0.0 <=4.0.5
Jun 16, 2026
Low
Open in new tab icon
CVE-2026-41000
Spring
Spring Web Services
Authorization Bypass
>=2.4.0 <=2.4.7, >=3.1.0 <=3.1.8, >=4.0.0 <=4.0.18, >=4.1.0 <=4.1.3, >=5.0.0 <=5.0.1
Jun 16, 2026
Medium
Open in new tab icon
CVE-2026-41862
Spring
Spring Statemachine
Content Spoofing
>=3.2.0 <=3.2.4, >=4.0.0 <=4.0.1
Jun 15, 2026
Medium
Open in new tab icon
CVE-2026-41838
Spring
Spring Framework
Information Exposure
>=5.1.0 <=5.3.48, >=6.1.0 <=6.1.27, >=6.2.0 <=6.2.18, >=7.0.0 <=7.0.7
Jun 15, 2026
Medium
Open in new tab icon
CVE-2026-41697
Spring
Spring Data Relational
Information Exposure
>=2.2.0 <=2.2.12, >=2.4.0 <=2.4.19, >=3.0.0 <=3.0.15, >=3.1.0 <=3.1.12, >=3.2.0 <=3.2.15, >=3.3.0 <=3.3.16, >=3.4.0 <=3.4.14, >=3.5.0 <=3.5.11, >=4.0.0 <=4.0.5
Jun 15, 2026
High
Open in new tab icon
CVE-2026-41003
Spring
Spring Security
Cross-Site Scripting
>=5.5.0 <=5.5.8, >=5.7.0 <=5.7.23, >=5.8.0 <=5.8.25, >=6.2.0 <=6.2.8, >=6.3.0 <=6.3.16, >=6.4.0 <=6.4.16, >=6.5.0 <=6.5.10, >=7.0.0 <=7.0.5
Jun 15, 2026
Medium
Open in new tab icon
CVE-2026-41001
Spring
Spring Boot
Information Exposure
>=0.0.0 <2.7.34, >=3.3.0 <3.3.20, >=3.4.0 <3.4.17, >=3.5.0 <3.5.15, >=4.0.0 <4.0.7
Jun 15, 2026
Medium
Open in new tab icon
CVE-2026-40992
Spring
Spring Boot
Information Exposure
>=3.4.0 <3.4.17, >=3.5.0 <3.5.15, >=4.0.0 <4.0.7
Jun 15, 2026
High
Open in new tab icon
CVE-2026-50171
Angular
Angular
Denial of Service
<=18.2.14, >=19.0.0-next.0 <19.2.23, >=20.0.0-next.0 <20.3.22, >=21.0.0-next.0 <21.2.15, >=22.0.0-next.0 <22.0.0-rc.2
Jun 12, 2026
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or
Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.