Serial number: AV26-574
Date: June 10, 2026
Between June 9 and 10, 2026, Spring published security advisories to address vulnerabilities in the following products:
- Spring AMQP – multiple versions
- Spring Authorization Server – multiple versions
- Spring Web Services – multiple versions
- Spring Web Flow – multiple versions
- Spring REST Docs – multiple versions
- Spring Data Commons – multiple versions
- Spring Data Relational – multiple versions
- Spring Security – multiple versions
- Spring Data MongoDB – multiple versions
- Spring Data JDBC – multiple versions
- Spring Data KeyValue – multiple versions
- Spring Data R2DBC – multiple versions
- Spring Data Redis – multiple versions
- Spring Data REST – multiple versions
- Spring for Apache Kafka – multiple versions
- Spring for Apache Pulsar – multiple versions
- Spring Data Commons (transitively affects all Spring Data store modules) – multiple versions
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.