All 2 CVE vulnerabilities found in thymeleaf, with AI-generated Chinese analysis, references, and POCs.
Vendor: thymeleaf
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40478 | Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf CWE-917 | 9.1 | Critical | 2026-04-17 |
| CVE-2026-40477 | Improper restriction of the scope of accessible objects in Thymeleaf expressions CWE-917 | 9.1 | Critical | 2026-04-17 |
All 2 known CVE vulnerabilities affecting thymeleaf with full Chinese analysis, references, and POCs where available.