pkg:Maven/org.thymeleaf:thymeleaf
3 total CVEsCRITICAL3
✅ Check your installed version
All known vulnerabilities
CRITICAL9.0CVE-2026-41901Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns from 0, < 3.1.5.RELEASE
CRITICAL9.0CVE-2026-40478Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf from 0, < 3.1.4.RELEASE
CRITICAL9.0CVE-2026-40477Improper restriction of the scope of accessible objects in Thymeleaf expressions from 0, < 3.1.4.RELEASE