Medium CVE-2026-41697 Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher (STARTING, ENDING, or CONTAINING) in Query By Example (QBE). An attacker can supply wildcard characters to perform boolean-based blind data inference. ...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-41697 – Spring Data Relational does not properly escape binding values of externally-con...

VERWANDTEARTIKEL

Windows BitLocker 0-Day Vulnerability Allows Attackers to Bypass Security Feature

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

CVE-2026-26239 - File Station 5

[High] CVE-2026-26239 – A buffer overflow vulnerability has been reported to affect File Station 5. If a...

CVE-2026-26237 - QuMagie

CVE-2026-24719 - QTS, QuTS hero