Lucene search
K

CVE-2026-40974

🗓️ 28 Apr 2026 00:16:24Reported by [email protected]Type 
nvd
 nvd
🔗 web.nvd.nist.gov👁 4 Views

CVE-2026-40974: Spring Boot Cassandra SSL auto-configuration lacks hostname verification in SSL connections.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Sterling Control Center is affected by a vulnerability in spring-boot-autoconfigure (CVE-2026-40974)
27 May 202614:04
ibm
IBM Security Bulletins
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
27 May 202606:40
ibm
IBM Security Bulletins
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Spring Boot
26 Jun 202620:28
ibm
IBM Security Bulletins
Security Bulletin: Maximo AI Service uses multiple third party dependencies which are vulnerable to multiple CVEs.
1 Jun 202608:35
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
24 May 202615:12
ibm
IBM Security Bulletins
Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Certificate Validation (CVE-2026-40971, CVE-2026-40974)
16 Jun 202614:10
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
28 May 202613:24
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
24 May 202615:04
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
24 May 202615:08
ibm
IBM Security Bulletins
Security Bulletin: Due to use of spring-boot-autoconfigure-3.5.13.jar, IBM Sterling Connect:Direct Web Services is vulnerable to not perform hostname verification.
6 Jun 202613:44
ibm
Rows per page
NVD
Node
vmwarespring_bootRange2.7.02.7.33
OR
vmwarespring_bootRange3.3.03.3.19
OR
vmwarespring_bootRange3.4.03.4.16
OR
vmwarespring_bootRange3.5.03.5.14
OR
vmwarespring_bootRange4.0.04.0.6

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation