
CVE-2026-41731

Package: org.springframework.kafka:spring-kafka
CVSS Score: 8
Severity: HIGH
EPSS: 0%
Source: GHSA

Summary

In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization.

What this means

CVE-2026-41731 is a high-severity vulnerability affecting org.springframework.kafka:spring-kafka, rated CVSS 8. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published June 10, 2026.
