Medium CVE-2026-41854 Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a server-side request forgery (SSRF) attack. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-41854 – Due to incorrect host parsing, applications that rely on UriComponentsBuilder to...

VERWANDTEARTIKEL

CVE-2026-49741 - TYPO3 CMS - Privilege Escalation & SQL Injection in Form Framework

Google fixes the fifth actively exploited Chrome zero-day of 2026

CVE-2026-46746 - Siemens SINEC INS Command Injection

CVE-2026-46748 - SINEC INS Local Privilege Escalation via CAP_DAC_OVERRIDE

CVE-2026-41031 - A Stored Cross-Site Scripting (XSS) vulnerability occurs in Vinna Process Monitor

CVE-2026-10731 - SQL injection in Nemon products