Thymeleaf SSTI allows server-side code execution (CVE-2026-40477)
CVE-2026-40477
Unauthenticated attackers can inject template expressions to gain remote code execution on the server. The fix is slated for Thymeleaf 3.1.4.RELEASE; upgrade as soon as that release is available, and until then keep untrusted input out of template names, fragment selectors and inline templates.
CVE-2026-40477 is a critical server-side template injection (SSTI) in Thymeleaf through 3.1.3.RELEASE that lets an unauthenticated remote attacker execute arbitrary code via malicious template expressions. Upgrade to 3.1.4.RELEASE as soon as it ships (see the May 2026 update below for its status) to close the flaw at the library level.
Overview
A critical security bypass vulnerability in the Thymeleaf Java template engine could allow attackers to execute arbitrary code on affected servers. Tracked as CVE-2026-40477, this flaw resides in versions 3.1.3.RELEASE and earlier.
Vulnerability Details
Thymeleaf is designed to process templates safely by restricting the Java objects and classes an expression may reach; earlier hardening releases block, for example, type references to `java.lang.Runtime` and the use of reflection from within template expressions. This vulnerability breaks that boundary: the expression execution mechanisms fail to properly restrict the scope of accessible objects, so an attacker who can get an expression of their own evaluated can reach sensitive internal objects. The entry point is an application that passes unvalidated user input to the engine as something it evaluates, typically a view or template name, a fragment selector, or a template rendered from a string. Data handed to the template as a model variable and rendered with `th:text` is escaped, not evaluated, and is not the concern here. Where such an injection point exists, the attacker supplies malicious template expressions and the result is Server-Side Template Injection (SSTI) with the library's built-in protections bypassed.
Impact and Severity
This is a critical vulnerability with a CVSS score of 9.0. An unauthenticated remote attacker could exploit this flaw to execute arbitrary code on the server hosting the vulnerable Thymeleaf application. The potential consequences are severe, including:
- Full compromise of the application server.
- Theft of sensitive data, such as database credentials or user information.
- Deployment of ransomware or other malware on the host system.

The attack is performed over the network with no authentication and no user interaction, so the practical exposure of a given deployment comes down to one question: does any code path let untrusted input reach the template engine as a template name, fragment selector or inline template?
Affected Versions and Remediation
All versions of Thymeleaf up to and including 3.1.3.RELEASE are affected.
Primary Fix: The only complete remediation is to upgrade to Thymeleaf 3.1.4.RELEASE or later, the release the project has designated for the fix (see the May 2026 update below for its availability). That release is intended to restore proper object-access restrictions within templates. Update the dependency as soon as it is published, whether you declare `org.thymeleaf:thymeleaf` directly or take the version Spring Boot manages through `spring-boot-starter-thymeleaf`.
Mitigation (If Patching is Delayed): As an interim measure, remove the injection points rather than trying to sanitise their input: keep view and template names constant in code, pass user-supplied values to the template as model variables (which Thymeleaf escapes rather than evaluates), and never render a template assembled from request data. Where a template name genuinely must vary with input, check it against a fixed allowlist before it touches the engine; generic filtering of expression syntax is complex and error-prone and is no substitute for upgrading. Review applications for signs of compromise, since a flaw of this kind is a prime target for attackers seeking initial access.
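To make the injection point and its fix concrete, the Spring MVC controller below is an added example written for this page; it is not code from the Thymeleaf project or from the advisory, and it does not reproduce the specific bypass behind CVE-2026-40477, which the advisory does not detail. The `/welcome` routes, the `lang` parameter and the `user/...` template names are assumptions. It shows the vulnerable pattern described under Vulnerability Details beside the two hardened forms recommended under Mitigation.

```java
// Added example (not Thymeleaf project code): how untrusted input typically
// reaches the template engine in Spring MVC, beside two hardened forms.
// Route paths, the "lang" parameter and template names are assumptions.
import java.util.Set;

import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.server.ResponseStatusException;

@Controller
public class WelcomeController {

    // VULNERABLE: the view name is assembled from a request parameter.
    // Thymeleaf's Spring view resolver treats a returned view name that
    // contains "::" as a fragment expression and hands it to the standard
    // expression parser, so preprocessing syntax (__${...}__) inside "lang"
    // is evaluated by the engine before any template is rendered. The
    // library's object restrictions are the only thing standing between
    // that evaluation and the JVM, and CVE-2026-40477 is a failure of
    // exactly those restrictions.
    @GetMapping("/welcome-unsafe")
    public String welcomeUnsafe(@RequestParam String lang) {
        return "user/" + lang + "/welcome";
    }

    // HARDENED (preferred): the view name is a constant and the user value
    // travels as a model variable. In user/welcome.html it is rendered with
    // th:text="${lang}", which HTML-escapes the value and never evaluates
    // it as an expression.
    @GetMapping("/welcome")
    public String welcome(@RequestParam String lang, Model model) {
        model.addAttribute("lang", lang);
        return "user/welcome";
    }

    // HARDENED (when the template really must vary): allowlist the exact
    // set of permitted names before the value touches the view name.
    // Reject anything else; do not try to strip expression syntax out of it.
    private static final Set<String> SUPPORTED_LANGS = Set.of("en", "de", "fr");

    @GetMapping("/welcome-by-lang")
    public String welcomeByLang(@RequestParam String lang) {
        if (!SUPPORTED_LANGS.contains(lang)) {
            throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "unsupported language");
        }
        return "user/" + lang + "/welcome";
    }
}
```

The allowlist variant is the fallback, not the default: the model-variable form removes the injection point entirely and does not depend on the list being kept complete. Audit for the first pattern wherever a controller returns a `String` view name built from `@RequestParam`, `@PathVariable`, headers or cookies, and wherever a `TemplateEngine` is fed a template string that originated in a request.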
Security Insight
This vulnerability highlights the persistent risk in abstraction layers designed for safety, like template engines. When the core security promise of “sandboxing” fails, it can instantly expose a vast number of applications that trusted the library’s integrity. Similar template engine SSTI flaws in other ecosystems, such as certain Python and JavaScript frameworks, have historically been rapidly weaponized following disclosure, underscoring the urgency for Java developers to apply this patch.
Update - May 2026
As of 2026-05-09, the Thymeleaf project has not released a patch for CVE-2026-40477. The vendor has acknowledged the issue and indicated a fix is targeted for version 3.1.4.RELEASE, currently in development; no workaround has been published either.
EPSS score has held steady at approximately 0.0005 (16th percentile), suggesting low predicted exploitation likelihood in the near term. CVE-2026-40477 has not been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog as of this update. Defenders should continue monitoring KEV for potential inclusion, as the vulnerability’s severity (CVSS 9.0) warrants attention.
No related CVEs in the Thymeleaf family or similar expression injection attack patterns have been published since the original advisory. No confirmed exploitation in the wild has been reported, and no public detection signatures (Snort, Suricata, or YARA) have been released.
Recommended actions: Apply vendor-provided workarounds if any are published, audit every place the application derives a template or view name, fragment selector or template string from request data, and monitor access logs and application errors for template-expression syntax (`${`, `__`, `::`, `T(`) arriving in request parameters. If patching is not possible, remove dynamic template selection in untrusted contexts, replacing it with a constant view name plus model variables or a strict allowlist. Continue tracking CISA KEV and EPSS updates weekly.
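The monitoring step above is easy to state and easy to get wrong, because attackers percent-encode (and double-encode) the expression syntax. The following access-log triage tool is an added example for this page, not a signature from any vendor or from the advisory; the combined-format log lines it scans are constructed for the example, and the token list reflects Thymeleaf standard-expression syntax rather than anything specific to CVE-2026-40477.

```java
// Added example (not from the advisory): flag requests whose URL carries
// Thymeleaf/SpEL expression syntax, after fully percent-decoding the target.
// Log lines below are constructed; the field layout assumed is the common
// Apache/nginx combined format.
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class TemplateInjectionLogScan {

    // Request line inside a combined-format entry: "METHOD target HTTP/x.y"
    private static final Pattern REQUEST_LINE =
        Pattern.compile("\"(?:GET|POST|PUT|PATCH|DELETE|HEAD) (\\S+) HTTP/[0-9.]+\"");

    // Syntax that has no business in an ordinary user's path or query string:
    //   ${ *{ #{ @{ ~{   Thymeleaf standard expression openers
    //   __               expression preprocessing delimiters
    //   ::               fragment selector separator
    //   T(               SpEL type reference, e.g. T(java.lang.Runtime)
    private static final Pattern SUSPICIOUS = Pattern.compile("[$*#@~]\\{|__|::|\\bT\\(");

    public static final class Hit {
        public final String target;  // fully decoded request target
        public final String reason;  // first suspicious token found
        Hit(String target, String reason) { this.target = target; this.reason = reason; }
        @Override public String toString() { return reason + "  <-  " + target; }
    }

    // Decode until the string stops changing (bounded) so that a payload
    // hidden behind double encoding (%2524 -> %24 -> $) is still caught.
    // '+' is protected first because URLDecoder would turn it into a space.
    static String fullyDecode(String s) {
        String prev = s;
        for (int i = 0; i < 3; i++) {
            String next;
            try {
                next = URLDecoder.decode(prev.replace("+", "%2B"), StandardCharsets.UTF_8);
            } catch (IllegalArgumentException malformedEscape) {
                return prev;  // malformed % sequence: keep what we have
            }
            if (next.equals(prev)) break;
            prev = next;
        }
        return prev;
    }

    public static List<Hit> scan(List<String> logLines) {
        List<Hit> hits = new ArrayList<>();
        for (String line : logLines) {
            Matcher m = REQUEST_LINE.matcher(line);
            if (!m.find()) continue;
            String target = fullyDecode(m.group(1));
            Matcher s = SUSPICIOUS.matcher(target);
            if (s.find()) hits.add(new Hit(target, s.group()));
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample: one benign request, one single-encoded probe,
        // one double-encoded probe, one static asset.
        List<String> sample = List.of(
            "203.0.113.7 - - [09/May/2026:10:01:12 +0000] \"GET /welcome?lang=en HTTP/1.1\" 200 512",
            "203.0.113.7 - - [09/May/2026:10:01:19 +0000] \"GET /welcome?lang=__%24%7B7*7%7D__%3A%3Ax HTTP/1.1\" 500 0",
            "198.51.100.3 - - [09/May/2026:10:02:40 +0000] \"GET /welcome?lang=%2524%257B1%252B1%257D HTTP/1.1\" 404 0",
            "198.51.100.9 - - [09/May/2026:10:03:02 +0000] \"GET /static/app.css HTTP/1.1\" 200 8811"
        );
        for (Hit h : scan(sample)) {
            System.out.println(h);
        }
    }
}
```

Tune the token list to the application before alerting on it: a site whose legitimate URLs contain `::` or `@{` will need those removed, and POST bodies, headers and cookies are not in the access log at all, so this catches only GET-style injection. Pair it with application-side logging of `TemplateProcessingException` and expression-parse errors, which is where a failed probe against the engine itself surfaces.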