{“lastseen”:””,”description”:”Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher (STARTING, ENDING, or CONTAINING) in Query By Example (QBE). An attacker can supply wildcard characters to perform boolean-based blind data inference.\\n\\nAffected versions:\\nSpring Data Relational\/JDBC\/R2DBC 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.4.0 through 2.4.19.”,”published”:”2026-06-09T23:47:42.091Z”,”modified”:”2026-06-09T23:47:42.091Z”,”type”:”cve”,”title”:”Spring Data Relational Parameter not Escaped for Query By Example LIKE Pattern”,”source”:”vmware”,”references”:”https:\/\/spring.io\/security\/cve-2026-41697″,”id”:”CVE-2026-41697″,”bulletinFamily”:””,”cwe”:[“CWE-943″],”cvelist”:null,”sourceData”:”Spring Spring Data Relational 4.0.0\\nSpring Spring Data Relational 3.5.0\\nSpring Spring Data Relational 3.4.0\\nSpring Spring Data Relational 3.3.0\\nSpring Spring Data Relational 3.2.0\\nSpring Spring Data Relational 3.1.0\\nSpring Spring Data Relational 3.0.0\\nSpring Spring Data Relational 2.4.0\\nSpring Spring Data JDBC 4.0.0\\nSpring Spring Data JDBC 3.5.0\\nSpring Spring Data JDBC 3.4.0\\nSpring Spring Data JDBC 3.3.0\\nSpring Spring Data JDBC 3.2.0\\nSpring Spring Data JDBC 3.1.0\\nSpring Spring Data JDBC 3.0.0\\nSpring Spring Data JDBC 2.4.0\\nSpring Spring Data R2DBC 4.0.0\\nSpring Spring Data R2DBC 3.5.0\\nSpring Spring Data R2DBC 3.4.0\\nSpring Spring Data R2DBC 3.3.0\\nSpring Spring Data R2DBC 3.2.0\\nSpring Spring Data R2DBC 3.1.0\\nSpring Spring Data R2DBC 3.0.0\\nSpring Spring Data R2DBC 1.5.0″,”sourceHref”:””,”cvss”:{“score”:4.8,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:L”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Spring Data Relational”,”version”:”4.0.0″,”vendor”:”Spring”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Spring Data Relational does not properly escape binding values of externally-controlled input when using StringMatcher (STARTING, ENDING, or CONTAINING) in Query By Example (QBE). An…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,75,12,21,13,7,11,5],"class_list":["post-61498","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-48","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n