CVE-2026-41854 | Vmware Spring Framework up to 6.2.18/7.0.7 UriComponentsBuilder server-side request forgery
A vulnerability was found in Vmware Spring Framework up to 6.2.18/7.0.7. It has been declared as critical. This affects an unknown function of the component UriComponentsBuilder. Such manipulation leads to server-side request forgery.
This vulnerability is referenced as CVE-2026-41854. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.VulDB Recent EntriesRead More