pkg:Maven/org.thymeleaf:thymeleaf-spring6

3 total CVEsCRITICAL3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.0CVE-2026-41901Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns
    from 0, < 3.1.5.RELEASE
  • CRITICAL9.0CVE-2026-40478Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf
    from 0, < 3.1.4.RELEASE
  • CRITICAL9.0CVE-2026-40477Improper restriction of the scope of accessible objects in Thymeleaf expressions
    from 0, < 3.1.4.RELEASE