VULNRABLE / Vulnerability / CVE-2026-41726
CVE-2026-41726
MEDIUM org.springframework.kafka:spring-kafka GHSA
CVSS Score
5.5
Severity
MEDIUM
EPSS
0%
Source
GHSA
Summary
In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header
What this means
CVE-2026-41726 is a medium-severity vulnerability affecting org.springframework.kafka:spring-kafka, rated CVSS 5.5. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published June 10, 2026.
View full advisory at GHSA →