Lucene search
K

751 matches found

vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.7 views

com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +17 more potentially affected by CVE-2026-40981 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.3.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =0.0.1, =1.0.0, =3.0.3, =0.5, =0.0.1, =0.1.41-Beta, =1.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =26.01.01, =26.05.07 - org.octopusden.cloud.config-server:config-server =2.0.4 and more Source cves: CVE-2026-40981 Source advisory:...

7.5CVSS5.4AI score0.00435EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.11 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40982 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439043...

9.1CVSS5.8AI score0.00727EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.9 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40981 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40981 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439020...

7.5CVSS5.8AI score0.00435EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/06 12:0 a.m.8 views

com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +17 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.3.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =0.0.1, =1.0.0, =3.0.3, =0.5, =0.0.1, =0.1.41-Beta, =1.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =26.01.01, =26.05.07 - org.octopusden.cloud.config-server:config-server =2.0.4 and more Source cves: CVE-2026-40982 Source advisory:...

9.1CVSS5.4AI score0.00727EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/05 2:42 p.m.75 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

No d...

9.8CVSS7.3AI score0.99939EPSS
Exploits36
GithubExploit
GithubExploit
added 2026/04/28 2:25 p.m.104 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963 — Demo Methodology ⚠️ Overview This demo s...

9.8CVSS9.1AI score0.99939EPSS
Exploits36
vulnersOsv
vulnersOsv
added 2026/04/17 12:0 a.m.11 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10169 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.17)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22741 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109603...

3.1CVSS5.4AI score0.00236EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.7 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +17237 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074612...

9.9CVSS7.2AI score0.00691EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/04/13 9:37 a.m.13 views

K000160736: Spring Cloud Gateway vulnerability CVE-2026-22750

Security Advisory Description When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If yo...

7.5CVSS5.8AI score0.00217EPSS
Exploits0
EUVD
EUVD
added 2026/04/10 9:31 a.m.12 views

EUVD-2026-21330

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References2
OSV
OSV
added 2026/04/10 9:31 a.m.2 views

GHSA-HWQH-2684-54FC Spring Cloud Gateway's SSL bundle configuration silently bypassed

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/10 9:31 a.m.5 views

Spring Cloud Gateway's SSL bundle configuration silently bypassed

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/10 7:32 a.m.31 views

CVE-2026-22750

CVE-2026-22750 affects Spring Cloud Gateway; SSL bundle configuration via spring.ssl.bundle could be silently ignored, causing the system to fall back to the default SSL settings. Root cause: configuration bypass leads to unintended SSL behavior and potential exposure if defaults differ from inte...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/10 7:32 a.m.3 views

CVE-2026-22750

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/10 7:32 a.m.25 views

CVE-2026-22750 SSL bundle configuration silently bypassed in Spring Cloud Gateway

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 7:32 a.m.2 views

CVE-2026-22750 SSL bundle configuration silently bypassed in Spring Cloud Gateway

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.16 views

PT-2026-31891

Name of the Vulnerable Software and Affected Versions Spring Cloud Gateway versions prior to 4.2.1 and versions 5.0.0 and 5.1.0. Description When configuring SSL bundles in Spring Cloud Gateway using the spring.ssl.bundle configuration property, the configuration was silently ignored, and the...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References15
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

Spring Cloud Gateway 安全漏洞

Spring Cloud Gateway is an API gateway framework developed by Spring. There is a security vulnerability in Spring Cloud Gateway, which stems from the silent ignoring of the configuration property spring.ssl.bundle. This may lead to the use of the default SSL configuration...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/09 12:0 a.m.8 views

ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.0.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.0.0) +27 more potentially affected by CVE-2026-22750 via org.springframework.cloud:spring-cloud-gateway-server (=4.2.0)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-gateway-server and may be impacted: - ch.nexsol-tech.gateway:sample-gateway =0.0.1, =0.0.1...

7.5CVSS5.8AI score0.00217EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2026/04/07 12:0 a.m.5 views

This Week in Spring - April 7th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! It's April 7th, 2026, and I'm on the road! I started the journey for the amazing Voxxed Days Amsterdam show and am now winding my way through France. I visited Colmar, a beautiful city from which the animators on Disney's Beau...

5.8AI score
Exploits0
Rows per page
Query Builder