CVE-2026-41697 | Vmware Spring Data Relational up to 4.0.5 StringMatcher data query logic injection

A vulnerability, which was classified as problematic, was found in Vmware Spring Data Relational, Spring Data JDBC and Spring Data R2DBC up to 4.0.5. Affected by this issue is some unknown functionality of the component StringMatcher. The manipulation results in improper neutralization of special elements in data query logic.

This vulnerability was named CVE-2026-41697. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More