A vulnerability marked as critical has been reported in Vmware Spring Reactor Netty up to 1.0.51/1.1.35/1.2.17/1.3.5 . Impacted is an unknown function of the component HTTP Redirect Handler . Performing a manipulation results in insufficiently protected credentials. This vulnerability is cataloged as CVE-2026-41715 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.