CVE-2026-41855 | Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 deserialization
A vulnerability has been found in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 and classified as problematic. Impacted is an unknown function of the component org.springframework.jms.support.converter.MappingJackson2MessageConverter/org.springframework.jms.support.converter.JacksonJsonMessageConverter. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2026-41855. The attack is possible to be carried out remotely. No exploit exists.
The affected component should be upgraded.VulDB Recent EntriesRead More