Skip to main content
Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
io.micronaut/micronaut-inject 4.10.15 | Vu… | Sonatype Guide
Get full component data and automated fixes with Sonatype Guide.
Sign up for free
maven
io.micronaut
micronaut-inject
4.10.15
micronaut-inject 4.10.15
io.micronaut
Published
Feb 10, 2026
•
Policy
compliance
maven Registry
Developer Trust Score
Recommended Version:
x.y.z
Recommended upgrade that meets your policy.
Compare Versions
Overview
Overview
Versions
379
Versions
379
Vulnerabilities
1
Vulnerabilities
1
Dependencies
4
Dependencies
4
Severity
Critical
(0)
High
(0)
Medium
(0)
Low
(1)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
3.7
CVE-2026-44242
Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Prior to 4.10.22, the bundleCache is keyed by (Locale, baseName) where the locale originates from the HTTP Accept-Language header. In applications that explicitly register a ResourceBundleMessageSource bean and serve HTML error responses, an unauthenticated attacker can exhaust heap memory by sending requests with large numbers of unique Accept-Language values, each causing a new entry in the unbounded bundleCache. This vulnerability is fixed in 4.10.22.
affected
Severity
Low
Published
May 7, 2026
