CVE ID :CVE-2026-40994 Published : June 11, 2026, 5:03 a.m. | 2 hours ago Description :Wss4jSecurityInterceptor initialized its BSP (WS-I Basic Security Profile) compliance flag so that inbound validation disabled WSS4J BSP enforcement on RequestData. Services that validate WS-Security on the...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-40994 - Wss4jSecurityInterceptor disables WS-I BSP validation by default

VERWANDTEARTIKEL

Ubiquiti UniFi OS: Mehrere Schwachstellen

OpenSSL: Präparierte Signatur kann Weg für Schadcode ebnen

CVE-2026-53901 - Cerebrate before v1.37 allows mass assignment of record identifiers during object creation

CVE-2026-10795 - UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc

Microsoft Patches Exploited Exchange Server Vulnerability

CVE-2026-41700 - Cross-Site WebSocket Hijacking in Spring for GraphQL