B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2026-41732 - In Spring for Apache Pulsar, overly broad trusted-package matching in header mapper exposes JDK classes to deserialization

CVE ID :CVE-2026-41732 Published : June 10, 2026, 12:16 a.m. | 59 minutes ago Description :JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty...

#Sicherheitslücke #Update
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

CVE-2026-11645

2026-06-10 Kritisch

CVE-2026-53673 - BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

2026-06-10 Mittel

CVE-2026-45782 - Cloud Hypervisor: Use-after-free in virtio-block Async I/O Completion

2026-06-10 Mittel

CVE-2026-46491 - SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

2026-06-10 Mittel

CVE-2026-41729 - Spring Data REST SpEL Injection via Map Key in JSON Patch

2026-06-10 Mittel

CVE-2026-41717 - Spring Data MongoDB - SpEL Expression Injection via Annotated Query Parameter Binding

2026-06-10 Mittel