CVE-2026-41841
Spring Framework Information Disclosure via Static Resource Cache in Spring MVC and WebFlux
Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources.
Affected versions:
Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Spring · Spring FrameworkQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://spring.io/security/cve-2026-41841