CVE-2026-41700 - Cross-Site WebSocket Hijacking in Spring for GraphQL
CVE ID :CVE-2026-41700 Published : June 11, 2026, 5:04 a.m. | 1 hour, 59 minutes ago Description :Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking. An attacker can trick an authenticated user into visiting a malicious...