All 3 CVE vulnerabilities found in Spring Integration, with AI-generated Chinese analysis, references, and POCs.
Vendor: Spring
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40987 | Remote-file synchronizer in Spring Integration writes server-supplied filename under localDirectory without canonicalization CWE-22 | 7.1 | High | 2026-06-11 |
| CVE-2020-5413 | Kryo Configuration Allows Code Execution with Unknown "Serialization Gadgets" CWE-502 | 9.8 | - | 2020-07-31 |
| CVE-2019-3772 | Spring Integration XML External Entity Injection (XXE) CWE-611 | 9.8 | - | 2019-01-18 |
All 3 known CVE vulnerabilities affecting Spring Integration with full Chinese analysis, references, and POCs where available.