10435 matches found
Spring Boot's default security filter chain has no authorization rule with Actuator but without Health
In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...
com.devskiller.friendly-id:friendly-id-openfeign (>=2.0.0-alpha3 <=2.0.0-beta5), io.github.bluetape4k:bluetape4k-spring-boot4-cassandra (>=1.5.0 <=1.7.0) +18 more potentially affected by CVE-2026-40977 via org.springframework.boot:spring-boot-cassandra (>=4.0.0 <=4.0.5)
org.springframework.boot:spring-boot-cassandra MAVEN version =4.0.0, =2.0.0-alpha3, =1.5.0, =2.0.0-M1, =2.0.0-M1, =2.0.0-M1, =2.0.0-M1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.5 - org.springframework.boot:spring-boot-starter-data-cassan...
africa.absa:inception-api (>=1.0.0 <=1.2.0), africa.absa:inception-application (>=1.0.0 <=1.2.0) +39297 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=1.0.0.RELEASE <=2.7.3)
org.springframework.boot:spring-boot MAVEN version =1.0.0.RELEASE, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =4.4.0.0, =4.6.0.0 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
com.devskiller.friendly-id:friendly-id-openfeign (>=2.0.0-alpha3 <=2.0.0-beta5), io.github.bluetape4k:bluetape4k-spring-boot4-cassandra (>=1.5.0 <=1.7.0) +18 more potentially affected by CVE-2026-40975 via org.springframework.boot:spring-boot-cassandra (>=4.0.0 <=4.0.5)
org.springframework.boot:spring-boot-cassandra MAVEN version =4.0.0, =2.0.0-alpha3, =1.5.0, =2.0.0-M1, =2.0.0-M1, =2.0.0-M1, =2.0.0-M1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.5 - org.springframework.boot:spring-boot-starter-data-cassan...
ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.114.0 <=0.120.0), ai.ancf.lmos:arc-memory-mongo-spring-boot-starter (>=0.114.0 <=0.120.0) +4727 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.4.0 <=3.4.13)
org.springframework.boot:spring-boot MAVEN version =3.4.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.17.0, =1.17.0, =1.17.0, =0.0.1, =0.0.1, =0.25.7-rc.64, =0.25.7-rc.68 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
ai.driftkit:driftkit-audio-core (>=0.5.0 <=0.8.3), ai.driftkit:driftkit-audio-spring-boot-starter (>=0.5.0 <=0.8.7) +4990 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.3.0 <=3.3.13)
org.springframework.boot:spring-boot MAVEN version =3.3.0, =0.5.0, =0.5.0, =0.5.0, =0.5.8, =0.5.0, =0.5.7, =0.5.0, =0.6.0, =0.6.0, =0.5.0, =0.5.0, =0.5.0, =0.7.9, =0.6.0, =0.6.0, =0.8.7 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
GHSA-MQVW-JFMH-93QQ Spring Boot's Cassandra SSL auto-configuration disables TLS hostname verification
Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16, 3.3.0–3.3.18 fix 3.3.19, 2.7.0–2.7.32 fix 2.7.33; Cassandra SSL...
GHSA-WWPQ-F5C3-7HVX Spring Boot accepts predictable temp directory without ownership verification
A local attacker on the same host as the application may be able to take control of the directory used by ApplicationTemp. When server.servlet.session.persistent is set to true and the attack persists across application restarts, this may allow the attacker to read session information and hijack...
GHSA-8V8J-3HXP-93WR Spring Boot's default security filter chain has no authorization rule with Actuator but without Health
In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...
com.okta.spring.examples:okta-spring-boot-hosted-code-flow-example (=3.0.7), com.okta.spring.examples:okta-spring-boot-redirect-code-flow-example (=3.0.7) +21 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=3.3.0 <=3.3.1)
org.springframework.boot:spring-boot-devtools MAVEN version =3.3.0, =1.6.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 - org.bremersee:common-exception-spring-boot-autoconfigure =1.1.0 - org.bremersee:common-exception-spring-boot-web-starter =1.1.0 -...
ai.hyacinth.framework:core-service-admin-server (=0.5.24), ai.hyacinth.framework:core-service-config-server (=0.5.24) +849 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=1.3.0.RELEASE <=2.7.3)
org.springframework.boot:spring-boot-devtools MAVEN version =1.3.0.RELEASE, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =1.0.0, =0.0.2, =0.0.3, =1.0.0, =1.0.5 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 and more Source cves: CVE-2026-40972 Source...
com.digitalsanctuary:ds-spring-user-framework (>=3.0.0 <=3.1.0), com.the-qa-company:qendpoint-backend (>=2.3.0 <=2.5.1) +14 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=3.4.0 <=3.4.13)
org.springframework.boot:spring-boot-devtools MAVEN version =3.4.0, =3.0.0, =2.3.0, =2.3.0, =3.1.9, =3.2.0 - de.muenchen.oss.ad2image:ad2image-app =1.1.0 - org.bremersee:common-exception-spring-boot-autoconfigure =5.0.0 - org.bremersee:common-exception-spring-boot-web-starter =5.0.0 -...
io.github.dbmdz.cudami:cudami (>=10.0.0 <=10.2.0-rc.3), io.github.gregor-poloczek.project-maintainer:project-maintainer-ui (>=0.13.0 <=0.20.0) +9 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=3.5.0 <=3.5.11)
org.springframework.boot:spring-boot-devtools MAVEN version =3.5.0, =10.0.0, =0.13.0, =3.2.0, =4.1.1 Source cves: CVE-2026-40972 Source advisory: OSV:GHSA-56V8-86GJ-66JP...
Spring Boot DevTools remote secret comparison is vulnerable to timing attacks
An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...
Spring Boot's RabbitMQ auto-configuration doesn't perform hostname verification when connecting to the RabbitMQ broker
When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...
com.jayxu:demo (>=0.10.0 <=0.11.0), com.okta.spring.examples:okta-spring-boot-hosted-code-flow-example (>=3.0.9 <=3.1.0) +8 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=4.0.1 <=4.0.3)
org.springframework.boot:spring-boot-devtools MAVEN version =4.0.1, =0.10.0, =3.0.9, =3.0.9, =3.0.9, =3.0.9, =2.0.0, =2.1.1 - de.tschuehly:spring-view-component-thymeleaf =0.9.1 - io.stereov.singularity:core =1.10.6 - org.flowable:flowable-app-rest =8.0.0 - se.swedenconnect.bankid:bankid-idp =1.3...
GHSA-9VC8-QPPQ-WVXC Spring Boot's RabbitMQ auto-configuration doesn't perform hostname verification when connecting to the RabbitMQ broker
When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...
GHSA-56V8-86GJ-66JP Spring Boot DevTools remote secret comparison is vulnerable to timing attacks
An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...
CVE-2026-40973
A local attacker on the same host as the application may be able to take control of the directory used by ApplicationTemp. When server.servlet.session.persistent is set to true and the attack persists across application restarts, this may allow the attacker to read session information and hijack...
CVE-2026-40972
An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...