A vulnerability was found in valtimo com.ritense.valtimo:document up to 13.22.x and classified as critical . Affected is an unknown function of the component Spring Expression Language Handler . Executing a manipulation can lead to code injection. The identification of this vulnerability is CVE-2026-42555 . The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.