A vulnerability classified as problematic has been found in Vmware Spring for GraphQL up to 1.3.8/1.4.5/2.0.3 . The impacted element is an unknown function. The manipulation leads to deserialization. This vulnerability is referenced as CVE-2026-41699 . Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.