CVE-2026-40478 Overview
CVE-2026-40478 is a critical Server-Side Template Injection (SSTI) vulnerability affecting Thymeleaf, a widely used server-side Java template engine for web and standalone environments. The vulnerability exists in the expression execution mechanisms, where the library fails to properly neutralize specific syntax patterns, allowing attackers to bypass its built-in expression injection protections. When application developers pass unvalidated user input directly to the template engine, unauthenticated remote attackers can exploit this flaw to execute unauthorized expressions, potentially leading to remote code execution.
Critical Impact
Unauthenticated remote attackers can bypass Thymeleaf's expression injection protections to achieve Server-Side Template Injection, potentially enabling arbitrary code execution on the server.
Affected Products
- Thymeleaf versions 3.1.3.RELEASE and prior
Discovery Timeline
- 2026-04-17 - CVE-2026-40478 published to NVD
- 2026-04-20 - Last updated in NVD database
Technical Details for CVE-2026-40478
Vulnerability Analysis
This vulnerability is classified under CWE-917 (Improper Neutralization of Special Elements used in an Expression Language Statement). Thymeleaf provides built-in mechanisms designed to prevent expression injection attacks by restricting the types of expressions that can be evaluated. However, the library contains a security bypass that fails to properly sanitize specific syntax patterns within user-controlled input.
When an application passes unvalidated user input to the Thymeleaf template engine, an attacker can craft malicious payloads that circumvent the protection mechanisms. This allows execution of arbitrary Spring Expression Language (SpEL) or Object-Graph Navigation Language (OGNL) expressions, depending on the Thymeleaf configuration and dialect in use.
Root Cause
The root cause of this vulnerability lies in incomplete input validation within Thymeleaf's expression parsing and execution logic. The library's protection mechanisms do not account for all possible syntax patterns that could be leveraged to inject malicious expressions. Specific character sequences or encoding variations can bypass the sanitization filters, allowing attackers to inject and execute arbitrary expressions.
Attack Vector
The attack vector is network-based and requires the attacker to identify an application endpoint where user input is processed by the Thymeleaf template engine without proper validation. The attacker crafts a specially formatted input string containing expression language syntax that bypasses the library's protections. When the vulnerable application processes this input, the malicious expression is evaluated on the server, potentially allowing the attacker to:
- Execute arbitrary system commands
- Read or modify sensitive files
- Access environment variables and application secrets
- Establish persistence or pivot to internal systems
The attack is particularly dangerous because it can be performed by unauthenticated remote attackers if the vulnerable endpoint is publicly accessible. The scope is changed (S:C in the CVSS vector), meaning successful exploitation can impact resources beyond the vulnerable component.
The vulnerability occurs when user-controlled data flows into Thymeleaf template processing without adequate sanitization. Attackers can craft expression language payloads that exploit gaps in the library's protection mechanisms to achieve code execution. For detailed technical information regarding specific bypass techniques, refer to the GitHub Security Advisory.
Detection Methods for CVE-2026-40478
Indicators of Compromise
- Unusual HTTP request parameters containing expression language syntax such as ${, *{, #{, @{, or ~{ patterns
- Web server logs showing requests with encoded expression language payloads targeting template-rendered endpoints
- Unexpected process spawning or outbound connections originating from Java application server processes
- Error logs indicating template parsing failures with suspicious expression content
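The first two indicators above can be checked mechanically against web server access logs. The following is an added example, not part of the advisory: it extracts the request target from combined-format log lines, percent-decodes it repeatedly so that encoded and double-encoded payloads are caught, and flags the five Thymeleaf expression openers (${, *{, #{, @{, ~{). The log lines and IP addresses are constructed for the example.

```python
"""Scan access-log lines for Thymeleaf expression-language syntax.

Added example, not part of the advisory: implements the first two
indicators (expression delimiters in request parameters, including
percent-encoded payloads) against a few constructed log lines.
"""
import re
from collections import Counter
from urllib.parse import unquote

# The five Thymeleaf standard-expression openers listed in the IoC section.
EXPR_OPENER = re.compile(r"[$*#@~]\{")

# Constructed sample in Apache/nginx combined format; not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [17/Apr/2026:10:01:02 +0000] "GET /profile?name=alice HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [17/Apr/2026:10:01:07 +0000] "GET /profile?name=%24%7Bx%7D HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.0.9 - - [17/Apr/2026:10:01:09 +0000] "GET /profile?name=%2524%257Bx%257D HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.0.7 - - [17/Apr/2026:10:01:12 +0000] "POST /search?q=*%7Bq%7D HTTP/1.1" 500 88 "-" "python-requests/2.31"',
    '10.0.0.5 - - [17/Apr/2026:10:01:15 +0000] "GET /static/app.css HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
]


def fully_decode(text: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing (bounded), so that a
    double-encoded payload such as %2524%257B collapses to ${."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text


def request_target(line: str) -> str:
    """Extract the request target (path + query) from a combined-format line.
    Returns '' when the line carries no quoted request section."""
    m = re.search(r'"(?:[A-Z]+) (\S+) HTTP/[0-9.]+"', line)
    return m.group(1) if m else ""


def find_expression_syntax(line: str) -> list:
    """Return each expression opener found in the decoded request target."""
    return EXPR_OPENER.findall(fully_decode(request_target(line)))


def scan_log(lines) -> list:
    """Return (line_number, client_ip, openers) for every suspicious line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        openers = find_expression_syntax(line)
        if openers:
            client_ip = line.split(" ", 1)[0]
            hits.append((number, client_ip, openers))
    return hits


def suspicious_clients(lines) -> Counter:
    """Count suspicious requests per client IP; one source firing repeatedly
    usually indicates automated probing rather than a stray user."""
    return Counter(ip for _, ip, _ in scan_log(lines))


if __name__ == "__main__":
    for number, ip, openers in scan_log(SAMPLE_LOG):
        print(f"line {number}: {ip} sent {','.join(openers)}")
    print("per-client counts:", dict(suspicious_clients(SAMPLE_LOG)))
```

The decode loop is bounded on purpose: one pass would miss double-encoded requests, while an unbounded loop on attacker-controlled input is itself a denial-of-service risk. Run the scanner over real logs by replacing SAMPLE_LOG with the lines of the access log; the same openers can be used as the match list for the WAF rule suggested under Detection Strategies.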
Detection Strategies
- Implement Web Application Firewall (WAF) rules to detect and block requests containing Thymeleaf expression language patterns in user input
- Deploy runtime application self-protection (RASP) solutions capable of monitoring expression language evaluation
- Configure application logging to capture and alert on template processing errors and exceptions
- Use SentinelOne Singularity to monitor for behavioral indicators of post-exploitation activity
Monitoring Recommendations
- Monitor Java application processes for suspicious child process creation, particularly shell interpreters
- Track outbound network connections from web application servers for command-and-control communication attempts
- Implement file integrity monitoring on application directories to detect unauthorized modifications
- Review application logs for template parsing exceptions that may indicate exploitation attempts
How to Mitigate CVE-2026-40478
Immediate Actions Required
- Upgrade Thymeleaf to version 3.1.4.RELEASE or later immediately
- Audit application code to identify all locations where user input is passed to Thymeleaf template processing
- Implement strict input validation and sanitization for any user-controlled data processed by templates
- Consider implementing a content security policy and additional WAF rules as defense-in-depth measures
Patch Information
The Thymeleaf development team has addressed this vulnerability in version 3.1.4.RELEASE. Organizations using Thymeleaf versions 3.1.3.RELEASE or earlier should upgrade immediately. For Maven-based projects, update the dependency version in your pom.xml. For Gradle projects, update the version in your build.gradle file. Additional details are available in the GitHub Security Advisory.
Workarounds
- Implement strict input validation to reject any user input containing expression language syntax patterns before template processing
- Use allowlist-based validation for template variables where feasible, accepting only known-safe character sets
- Consider sandboxing the Thymeleaf template engine by restricting the classes and methods accessible from expressions
- Deploy network-level controls to limit the impact of potential compromise, including egress filtering
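The first two workarounds (rejecting expression syntax and allowlisting template variables) collapse into one check when the allowlist is strict enough. The following is an added example, not from the advisory or the Thymeleaf project: a Python illustration of per-field allowlist validation with deny-by-default for unknown fields. The field names and character sets are constructed for the example; in a Java application the equivalent check belongs in the controller or a servlet filter, before any request parameter is placed in the template context.

```python
"""Allowlist validation for user-controlled template variables.

Added example, not from the advisory or the Thymeleaf project. Field names
and character sets below are constructed for illustration.
"""
import re


class TemplateInputError(ValueError):
    """Raised when a request parameter fails its allowlist rule."""


# One anchored pattern per field. Nothing outside the listed characters passes,
# so '$', '{', '#', '@', '~', '*' and '%' (hence percent-encoded variants) are
# all rejected without a separate denylist of expression patterns.
FIELD_RULES = {
    "username":     re.compile(r"[A-Za-z0-9_.-]{1,32}"),
    "display_name": re.compile(r"[A-Za-z0-9 '\-]{1,64}"),
    "page":         re.compile(r"[0-9]{1,4}"),
    "comment":      re.compile(r"[A-Za-z0-9 .,!?'\-]{0,280}"),
}


def validate_field(name: str, value: str) -> str:
    """Return value unchanged if it satisfies the field's allowlist.
    Unknown fields are refused (deny by default) rather than passed through."""
    rule = FIELD_RULES.get(name)
    if rule is None:
        raise TemplateInputError(f"{name}: no allowlist rule defined")
    if not isinstance(value, str) or not rule.fullmatch(value):
        raise TemplateInputError(f"{name}: value outside allowed character set")
    return value


def is_valid(name: str, value: str) -> bool:
    """Boolean form of validate_field for callers that prefer not to catch."""
    try:
        validate_field(name, value)
        return True
    except TemplateInputError:
        return False


def validate_template_context(params: dict) -> dict:
    """Validate every parameter and return a dict safe to hand to the template
    context. Any failure aborts the whole request rather than dropping fields
    silently, so a rejected value shows up in application logs."""
    return {name: validate_field(name, value) for name, value in params.items()}


if __name__ == "__main__":
    # Constructed request parameters, already percent-decoded by the framework.
    good = {"username": "alice_01", "page": "3", "comment": "Hello, world!"}
    print("accepted:", validate_template_context(good))
    for name, value in [("username", "${x}"), ("comment", "*{y}"), ("avatar", "cat.png")]:
        print(f"{name}={value!r}: {'ok' if is_valid(name, value) else 'rejected'}")
```

The design choice is that rules use fullmatch and enumerate permitted characters rather than forbidding known-bad ones, which is why an encoding variation the denylist never anticipated still fails. Validation is a second line of defence only; the upgrade to 3.1.4.RELEASE remains the fix.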
Maven dependency update example. Update pom.xml to use the patched version:

<dependency>
    <groupId>org.thymeleaf</groupId>
    <artifactId>thymeleaf</artifactId>
    <version>3.1.4.RELEASE</version>
</dependency>

Verify the Thymeleaf version currently resolved in your project:

mvn dependency:tree | grep thymeleaf
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.