CVE Catalog

CVE-2026-41847

MediumCVSS 4.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

8th percentile - higher than 8% of all known CVEs

Summary

Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL.

Risk Assessment

Exploitation of this vulnerability could lead to unauthorized access to application resources, posing a serious security threat to the organization.

Recommendation

It is recommended to upgrade to the latest version of Spring Framework to mitigate this vulnerability.

Original NVD description (English source)

Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS