CVE-2025-41254

MEDIUM

Spring Framework 5.3.0-5.3.45, 6.0.x-6.0.29, 6.1.0-6.1.23, 6.2.0-6.2.11 - Security Bypass via STOMP over WebSocket

Title source: llm

Description

STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.11 * 6.1.0 - 6.1.23 * 6.0.x - 6.0.29 * 5.3.0 - 5.3.45 * Older, unsupported versions are also affected. MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.12OSS6.1.x6.1.24 Commercial https://enterprise.spring.io/ 6.0.xN/A Out of support https://spring.io/projects/spring-framework#support 5.3.x5.3.46 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CreditThis vulnerability was discovered and responsibly reported by Jannis Kaiser.

References (2)

Core 2

Core References

Vendor Advisory

https://spring.io/security/cve/2025-41254

Various Sources

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N&version=3.1

Scores

CVSS v3 4.3

EPSS 0.0006

EPSS Percentile 19.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-352

Status published

Products (5)

org.springframework/spring-websocket 6.2.0 - 6.2.12Maven

VMware/Spring Framework 5.3.x

VMware/Spring Framework 6.0.x

VMware/Spring Framework 6.1.x

VMware/Spring Framework 6.2.x

Published Oct 16, 2025

Tracked Since Feb 18, 2026