Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/06 1:44 p.m.6 views

Security Bulletin: Due to use of spring-boot-autoconfigure-3.5.13.jar, IBM Sterling Connect:Direct Web Services is vulnerable to not perform hostname verification.

Summary spring-boot-autoconfigure-3.5.13.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-40971, CVE-2026-40974. Vulnerability Details CVEID:CVE-2026-40971 DESCRIPTION: When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname...

9.8CVSS5.5AI score0.00182EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-40971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker...

9.1CVSS6AI score0.00157EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/27 10:45 p.m.2 views

CVE-2026-40971

When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14 per vendor advisory...

5CVSS5.2AI score0.00157EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2026/04/23 12:0 a.m.6 views

ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +17982 more potentially affected by CVE-2026-40971 via org.springframework.boot:spring-boot-autoconfigure (>=3.2.0 <=3.5.13)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =3.2.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...

9.1CVSS5.7AI score0.00157EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/23 12:0 a.m.13 views

ai.platon.pulsar:pulsar-agentic (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-boot (>=4.5.0 <=4.8.4) +5026 more potentially affected by CVE-2026-40971 via org.springframework.boot:spring-boot-autoconfigure (>=4.0.0-M1 <=4.0.5)

org.springframework.boot:spring-boot-autoconfigure MAVEN version =4.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.7.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0-beta-2 and more Source cves: CVE-2026-40971 Source advisory:...

9.1CVSS5.7AI score0.00157EPSS
Exploits0
Rows per page
Query Builder