Known Vulnerabilities for Spring Data REST by Spring
Listed below are 4 of the newest known vulnerabilities associated with "Spring Data REST" by "Spring".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41837 json | Spring Data REST's Querydsl integration accepts arbitrary persistent property paths as request-parameter filter keys and does... | Not Provided | 2026-06-10 | 2026-06-09 |
| CVE-2026-41730 json | Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-... | Not Provided | 2026-06-10 | 2026-06-09 |
| CVE-2026-41729 json | Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when processing JSON Patch (applicat... | Not Provided | 2026-06-10 | 2026-06-09 |
| CVE-2026-41728 json | Spring Data REST's JSON Patch (application/json-patch+json) implementation does not apply the write-access filter to intermed... | Not Provided | 2026-06-10 | 2026-06-09 |