Executive Summary

CVE-2026-41847 is a security vulnerability in the Spring Framework that affects applications using Spring WebFlux with the Kotlin Router DSL.

The vulnerability occurs when a filter modifies or replaces the ServerRequest (for example, using ServerRequestWrapper) before passing it to the next handler. In this case, the security-related changes made by the filter are discarded silently, and the downstream handler receives the original, unmodified request.

As a result, security checks that rely on the modified request become ineffective, allowing a security bypass.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify how the CVE-2026-41847 vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to a security bypass in Spring WebFlux applications using the Kotlin Router DSL.

Because security filters that modify the ServerRequest are ignored downstream, unauthorized or malicious requests might bypass security checks.

This can result in unauthorized access or actions within the affected application, potentially compromising confidentiality and integrity.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability occurs specifically in Spring WebFlux applications using the Kotlin Router DSL along with a filter that modifies or replaces the ServerRequest before passing it to the next handler. Detection involves reviewing your application code to identify usage of Spring WebFlux with the Kotlin Router DSL and filters that modify ServerRequest objects.

There are no specific network or system commands provided to detect this vulnerability automatically.

Useful 0 Not Useful 0

Mitigation Strategies

The immediate and recommended mitigation step is to upgrade the Spring Framework to version 5.3.49 or later.

No additional mitigation steps are required after upgrading.

Useful 0 Not Useful 0