CVE-2026-41730

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 10, 2026

Vendor unknown

Description

Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-layer internals to HTTP clients. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0 through 4.5.11; 5.0.0 through 5.0.5.

References

https://spring.io/security/cve-2026-41730