PatchSiren cyber security CVE debrief
CVE-2026-41730 Spring CVE debrief
CVE-2026-41730 is a vulnerability in Spring Data REST that could allow exposure of sensitive information. The vulnerability has a CVSS score of 5.3 and a severity of MEDIUM. It affects Spring Data REST versions 3.7.0 through 3.7.19, 4.3.0 through 4.3.16, 4.4.0 through 4.4.14, 4.5.0 through 4.5.11, and 5.0.0 through 5.0.5.
- Vendor: Spring
- Product: Spring Data REST
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Users of affected Spring Data REST versions should be aware of this vulnerability and take steps to mitigate it.
Technical summary
Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-layer internals to HTTP clients.
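A check for the behaviour described above, as an added example that is not code from Spring or from this page: it walks a captured error response body and flags nested causes and persistence-layer text. The JSON field names `message` and `cause`, the marker patterns and the sample bodies are assumptions constructed for illustration.

```python
import json
import re

# Assumed error-body shape (not stated on this page): a JSON object with a
# "message" string and an optional nested "cause" object of the same shape.
# The marker patterns are illustrative and constructed for this example.
PERSISTENCE_MARKERS = re.compile(
    r"org\.hibernate|java\.sql|jakarta\.persistence|javax\.persistence"
    r"|jdbc|\bconstraint\b|\b(select|insert|update|delete)\b.+\b(from|into|set)\b",
    re.IGNORECASE,
)
MAX_DEPTH = 64  # stop walking very deep chains

def audit_error_body(body: str) -> dict:
    """Walk the cause chain of one error response body and report what leaks."""
    try:
        node = json.loads(body)
    except (ValueError, TypeError, RecursionError):
        return {"depth": 0, "leaks": [], "parsed": False}
    depth, leaks = 0, []
    while isinstance(node, dict):
        message = node.get("message")
        if isinstance(message, str) and PERSISTENCE_MARKERS.search(message):
            leaks.append({"level": depth, "message": message})
        nxt = node.get("cause")
        if not isinstance(nxt, dict) or depth >= MAX_DEPTH:
            break
        node, depth = nxt, depth + 1
    return {"depth": depth, "leaks": leaks, "parsed": True}

def is_exposing(body: str) -> bool:
    """True when the body carries a nested cause or a persistence-layer marker."""
    result = audit_error_body(body)
    return result["depth"] > 0 or bool(result["leaks"])

# Constructed sample bodies (not captured from a real service).
LEAKY = json.dumps({
    "message": "could not execute statement",
    "cause": {
        "message": "org.hibernate.exception.ConstraintViolationException: could not execute statement",
        "cause": {"message": "ERROR: duplicate key value violates unique constraint \"users_email_key\""},
    },
})
CLEAN = json.dumps({"message": "Conflict"})

if __name__ == "__main__":
    for name, body in (("leaky", LEAKY), ("clean", CLEAN)):
        print(name, audit_error_body(body))
```

Run it over error responses collected from your own test environment, for example as an assertion in an integration test suite.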
Defensive priority
MEDIUM
Recommended defensive actions
- Upgrade to a non-vulnerable version of Spring Data REST.
- Implement additional security measures to protect against exposure of sensitive information.
Evidence notes
The CVE-2026-41730 vulnerability was published on 2026-06-10T00:16:52.483Z and last modified on 2026-06-10T19:24:04.320Z.
Official resources
- CVE-2026-41730 CVE record (CVE.org)
- CVE-2026-41730 NVD detail (NVD)
- Source item URL (nvd_modified)