CVE-2026-22754

>= 7.0.0 and < 7.0.5

Vulnerability in Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoin

7.5HIGH

CVE-2026-22753

>= 7.0.0 and < 7.0.5

Vulnerability in Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Bu

7.5HIGH

CVE-2026-22748

< 6.3.15

Vulnerability in Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJw

5.3MEDIUM

CVE-2026-22747

>= 7.0.0 and < 7.0.5

Vulnerability in Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certifi

6.8MEDIUM

CVE-2026-22746

< 5.7.23

Vulnerability in Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAcco

3.7LOW

CVE-2026-22751

>= 6.4.0 and < 6.4.16

Vulnerability in Spring Security. Applications that explicitly configure One-Time Token login with JdbcOneTimeTokenService

4.8MEDIUM

CVE-2026-22732

< 5.7.22

When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the

9.1CRITICAL

CVE-2024-38810

>= 6.3.0 and < 6.3.2

Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security anno

6.5MEDIUM

CVE-2024-22234

>= 6.1.0 and < 6.1.7

In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access

7.4HIGH

CVE-2023-34042

>= 5.8.4 and < 5.8.7

The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it co

4.1MEDIUM

CVE-2023-45669

< 0.9.1

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subjec

4.8MEDIUM

CVE-2023-34034

>= 5.6.0 and < 5.6.12

Using "" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Secur

9.1CRITICAL

CVE-2023-34035

>= 5.8.0 and < 5.8.5

Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization

7.3HIGH

CVE-2023-20862

>= 5.7.0 and < 5.7.8

In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout su

6.3MEDIUM

CVE-2022-31692

>= 5.6.0 and < 5.6.9

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward

9.8CRITICAL

CVE-2022-31690

>= 5.6.0 and < 5.6.9

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a pri

8.1HIGH

CVE-2022-22978

< 5.5.7

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be mi

9.8CRITICAL

CVE-2022-22976

>= 5.2.1 and < 5.5.7

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow

5.3MEDIUM

CVE-2021-22119

>= 5.2.0 and < 5.2.11

Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptib

7.5HIGH

CVE-2021-22112

>= 5.4.0 and < 5.4.4

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions c

8.8HIGH

CVE-2020-5408

>= 4.2.0 and < 4.2.16

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior

6.5MEDIUM

CVE-2020-5407

>= 5.2.0 and < 5.2.4

Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML resp

8.8HIGH

CVE-2019-11272

< 4.2.13

Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordE

7.3HIGH

CVE-2019-3795

>= 4.2.0 and < 4.2.12

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vul

5.3MEDIUM

CVE-2018-1258

all versions

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when

8.8HIGH

CVE-2018-1199

>= 4.1.0 and < 4.1.5

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before

5.3MEDIUM

CVE-2017-4995

all versions

An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configu

8.1HIGH

CVE-2016-5007

all versions

Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for auth

7.5HIGH

CVE-2014-3527

all versions

When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS S

9.8CRITICAL

CVE-2014-0097

all versions

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If t

7.3HIGH

CVE-2016-9879

all versions

An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does

7.5HIGH

CVE-2011-2894

>= 2.0.0 and <= 2.0.6

Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions des