Home
MEDIUM: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NDefault status
unaffected
5.0.0 (custom) before 5.0.6
affected
4.5.0 (custom) before 4.5.12
affected
4.4.0 (custom) before 4.4.15
affected
4.3.0 (custom) before 4.3.17
affected
4.2.0 (custom) before 4.2.16
affected
4.1.0 (custom) before 4.1.15
affected
4.0.0 (custom) before 4.0.16
affected
3.4.0 (custom) before 3.4.20
affected
Description
Spring Data MongoDB repository query methods annotated with @Query that use regex parameter binding perform insufficient validation of the bound parameter. An attacker can supply a crafted string to break out of the intended regular expression quoting. Affected versions: Spring Data MongoDB 5.0.0 through 5.0.5; 4.5.0 through 4.5.11; 4.4.0 through 4.4.14; 4.3.0 through 4.3.16; 4.2.0 through 4.2.15; 4.1.0 through 4.1.14; 4.0.0 through 4.0.15; 3.4.0 through 3.4.19.
Problem types
CWE-943: Improper Neutralization of Special Elements in Data Query Logic
Product status
5.0.0 (custom) before 5.0.6
4.5.0 (custom) before 4.5.12
4.4.0 (custom) before 4.4.15
4.3.0 (custom) before 4.3.17
4.2.0 (custom) before 4.2.16
4.1.0 (custom) before 4.1.15
4.0.0 (custom) before 4.0.16
3.4.0 (custom) before 3.4.20
References
spring.io/security/cve-2026-41696