CVE Catalog

CVE-2026-41719

MediumCVSS 6.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

A SpEL Injection vulnerability in Spring Data KeyValue occurs when unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. An attacker can inject malicious SpEL expressions, leading to remote code execution.

Risk Assessment

The risk for the organization includes potential remote code execution by an attacker, which could lead to application compromise, data leakage, or system disruption.

Recommendation

It is recommended to immediately update Spring Data KeyValue/Spring Data Redis to a patched version (e.g., 4.0.6 or later) and avoid passing unsanitized user input as Sort to query methods.

Original NVD description (English source)

A SpEL Injection vulnerability exists in the Spring Data KeyValue if unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. Affected versions: Spring Data KeyValue / Spring Data Redis 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS