CVE-2026-41008 | Vmware Spring Security/Spring Authorization Server Authorization Endpoint request_uri redirect

A vulnerability was found in Vmware Spring Security and Spring Authorization Server. It has been declared as problematic. Impacted is an unknown function of the component Authorization Endpoint. Executing a manipulation of the argument request_uri can lead to open redirect.

This vulnerability is tracked as CVE-2026-41008. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More