Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
Critical

Server-Side Template Injection in Thymeleaf expression execution

IdentifiersCVE-2026-40478CWE-917· Improper Neutralization of Special…

CVE-2026-40478 is a security bypass vulnerability in Thymeleaf affecting 3.1.3.RELEASE and earlier. The flaw is in Thymeleaf’s expression execution protections for Spring Expression Language (SpEL): specific syntax patterns are not properly neutralized, allowing attacker-controlled input to bypass intended expression-injection defenses and trigger unauthorized expression evaluation. Supporting content indicates two contributing weaknesses in vulnerable versions: a parsing mismatch where Thymeleaf checked for the token sequence "new " using a literal ASCII space while SpEL accepts other whitespace such as tabs or newlines, and incomplete type restrictions that did not block dangerous non-java.* classes, including Spring classes such as org.springframework.core.io.FileSystemResource. In affected applications, if unvalidated user input is incorporated into Thymeleaf expression text, view names, fragment selectors, or similar parsed channels, an unauthenticated remote attacker can achieve server-side template injection (SSTI). The issue is fixed in Thymeleaf 3.1.4.RELEASE.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows unauthorized server-side expression execution in affected Thymeleaf/Spring applications. The documented impact includes SSTI leading to arbitrary file creation or file write primitives, and potentially full remote code execution depending on available classes and application context. Because the vulnerability is remotely reachable when attacker-controlled input reaches Thymeleaf expression parsing, exploitation can also result in compromise of confidentiality, integrity, and availability of the hosting application and underlying server.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, prevent any untrusted input from being used as Thymeleaf expression text, inline expressions, view names, fragment specifiers, or other values that are parsed by the template engine. Audit application code paths that concatenate request parameters, headers, cookies, or other user-controlled data into template expressions or template-selection logic. Treat Thymeleaf expression construction from request data as unsafe by default. There is no complete workaround in the provided content beyond upgrading and eliminating unsafe input flows into the expression engine.

Remediation

Patch, then assume compromise.

Upgrade Thymeleaf to 3.1.4.RELEASE or newer. Where applicable, update all related artifacts identified in the supporting content, including org.thymeleaf:thymeleaf, org.thymeleaf:thymeleaf-spring5, and org.thymeleaf:thymeleaf-spring6, to 3.1.4.RELEASE or later. The fixed release adds broader whitespace normalization and detection, expands restricted object and package checks, and tightens Spring-related protections around expression handling and view-name correlation.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
ThymeleafThymeleafapplication
ThymeleafThymeleaf-Spring5application
ThymeleafThymeleaf-Spring6application

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

11 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

11 SOURCESView more in app
reddit netsecNews
Apr 29, 2026
The Thymeleaf Template Injection That Only Hurts If You Let It : r/netsec

A specific Thymeleaf template injection vulnerability discussed in the referenced post/article; the content suggests its impact depends on deployment or usage conditions.

Read more
cvefeed high severityNews
Apr 17, 2026
CVE-2026-40478 - Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf

A security bypass vulnerability in Thymeleaf's expression execution mechanisms that can allow unauthenticated remote attackers to achieve server-side template injection (SSTI) when unvalidated user input is passed directly to the template engine.

Read more
endorlabsNews
Apr 16, 2026
It's About Thyme: How a Whitespace Character Broke Thymeleaf's Expression Sandbox (CVE-2026-40478) | Blog | Endor Labs

A critical server-side template injection vulnerability in Thymeleaf 3.1.3 and earlier that allows bypass of built-in protections via whitespace parsing and incomplete type blocklisting, enabling arbitrary expression execution, file writes, and potential remote code execution in Spring-based applications.

Read more
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity8

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2026-40478
NVD
nvd.nist.gov/vuln/detail/CVE-2026-40478
MITRE CWE · CWE-917
Improper Neutralization of Special Elements…
Vendor Advisory
github.com/thymeleaf/thymeleaf/security/advisories/GHSA-xjw8-8c5c-9r79