CVE-2026-41008 — Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker can craft a malicious authorization request containing an inval — CVE Database · The Intelligence Room