CVE-2026-41851

Analyzed Analyzed - Analysis Complete

Denial of Service in Spring Framework via SpEL Cache Growth

Publication date: 2026-06-09

Last updated on: 2026-06-27

Assigner: VMware

Description

Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnerable to a Denial of Service (DoS) attack if the evaluation of a SpEL expression triggers unbounded cache growth. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-09

Last Modified

2026-06-27

Generated

2026-06-29

AI Q&A

2026-06-09

EPSS Evaluated

2026-06-28

NVD

CVE-2026-41851

EUVD

EUVD-2026-35339

Affected Vendors & Products

Vendor	Product	Version / Range
vmware	spring_framework	From 5.3.0 (inc) to 5.3.49 (exc)
vmware	spring_framework	From 6.1.0 (inc) to 6.1.28 (exc)
vmware	spring_framework	From 6.2.0 (inc) to 6.2.19 (exc)
vmware	spring_framework	From 7.0.0 (inc) to 7.0.8 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-770	The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Attack-Flow Graph

Executive Summary

CVE-2026-41851 is a medium-severity vulnerability in the Spring Framework related to the Spring Expression Language (SpEL). It occurs when applications accept user-supplied or untrusted SpEL expressions that are parsed and cached. If a large number of such expressions are evaluated, the cache can grow without bounds, leading to excessive memory consumption.

This unbounded cache growth can cause memory exhaustion, which may result in a Denial of Service (DoS) attack, making the affected system unavailable or unstable.

Impact Analysis

This vulnerability can impact you by causing your application or system to experience a Denial of Service (DoS). Specifically, if your application accepts user-controlled SpEL expressions and processes a very high volume of them, the unbounded cache growth can exhaust system memory.

Memory exhaustion can lead to system downtime, degraded performance, or crashes, which can disrupt service availability and affect users relying on your application.

Mitigation Strategies

The recommended mitigation is to upgrade to the fixed versions of the Spring Framework.

Upgrade to Spring Framework 7.0.8 (OSS) or 7.0.7.1 (Commercial).
Upgrade to Spring Framework 6.2.19 (OSS) or 6.2.18.1 (Commercial).
Upgrade to Spring Framework 6.1.28 (Commercial).
Upgrade to Spring Framework 5.3.49 (Commercial).

No additional mitigation steps are required beyond upgrading.

Detection Guidance

This vulnerability arises when applications accept user-supplied Spring Expression Language (SpEL) expressions that cause unbounded cache growth, leading to Denial of Service (DoS). Detection involves monitoring for unusually high memory usage or cache growth related to SpEL evaluations.

No specific detection commands or tools are provided in the available resources. The recommended approach is to verify the Spring Framework version in use and ensure it is updated to a fixed version.

To check the Spring Framework version in your application, you can use commands such as:

For Maven projects: mvn dependency:list | grep spring-framework
For Gradle projects: gradle dependencies --configuration runtimeClasspath | grep spring-framework

Additionally, monitoring system memory usage and application logs for signs of excessive SpEL evaluations or cache growth may help detect exploitation attempts.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Hi! I’m here to help you understand CVE-2026-41851. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70