Security Advisory

Spring Product Security Update Advisory (CVE-2026-41842)

Jun 22 2026

Spring Product Security Update Advisory (CVE-2026-41842)

Overview

A security update has been released to address a vulnerability in Spring products. The vulnerability is a denial-of-service (DoS) vulnerability in the Spring Framework, identified as CVE-2026-41842.

Affected Products

Spring Framework 7.0.0 through 7.0.7.
Spring Framework 6.2.0 through 6.2.18.
Spring Framework 6.1.0 through 6.1.27.
Spring Framework 5.3.0 through 5.3.48.

Resolution

A Vulnerability Patch has been released in the latest updates. The recommended patch versions are as follows:

Spring Framework 7.0.8.
Spring Framework 7.0.7.1.
Spring Framework 6.2.19.
Spring Framework 6.2.18.1.
Spring Framework 6.1.28.
Spring Framework 5.3.49.

Note

You must update to the latest version of the Vulnerability Patch as instructed on the reference site.

Previous Post

Fortinet Product Security Update Advisory

Next Post

Chrome Product Security Update Advisory (CVE-2026-11645)