Last night, news broke that the Java Spring framework may release an update fixing a significant security vulnerability. The project added a patch to the Spring framework GitHub repository that appears to fix a deserialization vulnerability [1]. This patch supports speculations about the new vulnerability.
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center