> If this is Hibernate 5.x it shouldn't be an issue. We found out that Hibernate 5.3 still gets security support as its latest patch version 5.3.38 is rolled out this year and isn't affected by CVE-2026-0603 so we are considering downgrading hibernate-core to this specific version.
Our only concern is that Struts lists hibernate-core 5.6.15 as its dependency. Should we expect any issues by downgrading to 5.3? Cheers Angel
