CVE-2026-22748 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder  or NimbusReactiveJwtDecoder, it must configure an OA…
Medium CVSS: 5.3

CVE-2026-22748

Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder  or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for example by calling setJwtValidator.This issue affects Spring Security: from 6.3.0 through 6.3.14, from 6.4.0 through 6.4.14, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4.
Vendor
-
Product
-
CWE
-
Yayın Tarihi
2026-04-22 06:16:04
Güncelleme
2026-04-22 06:16:04
Source Identifier
security@vmware.com
KEV Date Added
-

Kategoriler

MEDIUM 2026

Referanslar

https://spring.io/security/cve-2026-22748