CVE-2026-41843
Spring Framework Path Traversal via Versioned Static Resources in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources.
Affected versions:
Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
Spring · Spring Framework¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://spring.io/security/cve-2026-41843