Back to CVE List

CVE-2026-40477

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score

9.1 / 10

Vulnerability Description

Improper restriction of the scope of accessible objects in Thymeleaf expressions

Vulnerability Details

Published Date

April 15, 2026

Last Modified

April 15, 2026

Source

GitHub

Vendor

maven

Product

org.thymeleaf:thymeleaf

External References

Discussion (0)

Add Comment

No comments yet. Be the first!