CVE ID :CVE-2026-40998 Published : June 11, 2026, 5:04 a.m. | 1 hour, 59 minutes ago Description :Jaxp13XPathTemplate evaluated XPath expressions for StreamSource and SAXSource inputs using a code path that parsed attacker-controlled XML with the JDK's default DocumentBuilderFactory behavior...