CVE-2026-22737— Spring Framework Improper Path Limitation with Script View Templates
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-22737
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Spring Framework Improper Path Limitation with Script View Templates
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Spring Framework: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Spring Framework 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Spring Framework是Spring开源的一款应用开发框架。 Spring Framework 7.0.5及之前版本、6.2.16及之前版本、6.1.25及之前版本和5.3.46及之前版本存在安全漏洞,该漏洞源于使用Java脚本引擎模板视图可能导致脚本模板视图配置位置之外的文件内容泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Spring | Spring Framework | 7.0.0 ~ 7.0.5 | - |
II. Public POCs for CVE-2026-22737
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-22737
请登录查看更多情报信息。
Same Patch Batch · Spring · 2026-03-19 · 4 CVEs total
| CVE-2026-22731 | 8.2 HIGH | Authentication Bypass under Actuator Health groups paths |
| CVE-2026-22733 | 8.2 HIGH | Authentication Bypass under Actuator CloudFoundry endpoints |
| CVE-2026-22735 | 2.6 LOW | Server Sent Event stream corruption |
IV. Related Vulnerabilities
Same product: Spring Framework
- CVE-2026-22745
CVE-2026-22745 : Denial of service in static resource handli - CVE-2026-22741
Static resource cache poisoning in Spring MVC and WebFlux - CVE-2026-22740
Spring Framework DoS with Multipart Temp Files in WebFlux - CVE-2025-41254
Spring Framework STOMP CSRF Vulnerability - CVE-2025-41249
CVE-2025-41249: Spring Framework Annotation Detection Vulner
V. Comments for CVE-2026-22737
No comments yet