Package impact
Maven / org.thymeleaf:thymeleaf
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41901 | critical | 9.0 | 9.0 | 17d ago | Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns | |||
| CVE-2026-40478 | unknown | — | — | 1mo ago | Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf | |||
| CVE-2026-40477 | unknown | — | — | 1mo ago | Improper restriction of the scope of accessible objects in Thymeleaf expressions |