Lucene search
K

751 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-40981

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secret...

7.5CVSS5.5AI score0.00435EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.9 views

CVE-2026-44308

Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...

6.3CVSS5.5AI score0.00179EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.8 views

CVE-2026-40982

A flaw was found in Spring Cloud Config. A remote attacker can exploit a directory traversal vulnerability by sending a specially crafted URL to the spring-cloud-config-server module. This allows the attacker to access arbitrary text and binary files on the system. Mitigation Mitigation for this...

9.1CVSS5.3AI score0.00727EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.17 views

CVE-2026-40981

A flaw was found in Spring Cloud Config. When utilizing Google Secrets Manager as a backend, a remote client can craft a specific request to the config server. This action may lead to the unintended exposure of secrets from other Google Cloud Platform GCP projects, resulting in sensitive...

7.5CVSS5.1AI score0.00435EPSS
Exploits0References4
Veracode
Veracode
added 2026/06/05 12:14 p.m.10 views

Denial Of Service (DoS)

Spring Cloud Function is vulnerable to Denial of Service DoS. The vulnerability is due to insufficient restrictions on function registration within the Function Registry, allowing an attacker to register an unbounded number of functions and trigger excessive memory consumption, potentially...

6.5CVSS5.5AI score0.00211EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/01 7:16 p.m.16 views

CVE-2026-40990

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

6.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 7:16 p.m.8 views

CVE-2026-40989

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

6.5CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 5:49 p.m.30 views

CVE-2026-40990 Unbounded cache for function definitions

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:49 p.m.17 views

EUVD-2026-33734

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 5:49 p.m.26 views

CVE-2026-40990

CVE-2026-40990 is an OOM vulnerability in Spring Cloud Function when building an unbounded number of functions in the Function Registry. Affected are Spring Cloud Function 3.2.x (pre-3.2.16), 4.1.x (pre-4.1.10), 4.2.x (pre-4.2.6), 4.3.x (pre-4.3.3), and 5.0.x (pre-5.0.2); older unsupported versio...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:49 p.m.10 views

CVE-2026-40990

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 5:49 p.m.9 views

CVE-2026-40990 Unbounded cache for function definitions

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:49 p.m.10 views

CVE-2026-40989

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/01 5:49 p.m.12 views

EUVD-2026-33733

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 5:49 p.m.26 views

CVE-2026-40989

CVE-2026-40989 affects Spring Cloud Function lineages (3.2.x, 4.1.x, 4.2.x, 4.3.x, 5.0.x) with older/unsupported versions also impacted. The issue is an infinite recursion in the routing layer that can cause an Out-Of-Memory (OOM) condition during request handling. The root cause is not fully dis...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 5:49 p.m.8 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 5:49 p.m.28 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45515

Name of the Vulnerable Software and Affected Versions Spring Cloud Function versions prior to 3.2.16 Spring Cloud Function versions prior to 4.1.10 Spring Cloud Function versions prior to 4.2.6 Spring Cloud Function versions prior to 4.3.3 Spring Cloud Function versions prior to 5.0.2 Spring Clou...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.12 views

PT-2026-45514

Name of the Vulnerable Software and Affected Versions Spring Cloud Function versions prior to 3.2.16 Spring Cloud Function versions prior to 4.1.10 Spring Cloud Function versions prior to 4.2.6 Spring Cloud Function versions prior to 4.3.3 Spring Cloud Function versions prior to 5.0.2 Spring Clou...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.7 views

VMware Spring Cloud Function 安全漏洞

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from infinite recursion at the routing layer, potentially leading to a memory insufficiency...

6.5CVSS5.3AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder