MODERATE | MAY 08, 2026 | CVE-2026-40990
Description An OOM error is possible when an unbounded number of functions is added to the Function Registry. Affected Spring Products and Versions Spring Cloud Function 3.2.x 4.1.x 4.2.x 4.3.x 5.0.x Older, unsupported versions are also affected Mitigation…
HIGH | MAY 08, 2026 | CVE-2026-41705
Description Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Affected Spring Products and Versions Spring AI: 1.0.0 - 1.0.x 1.1.0 - 1.1.x Mitigation Users of affected…
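The entry above describes the general shape of a filter-expression injection: document IDs supplied by a caller are concatenated into a vector-store filter string, so an ID containing quote or bracket characters can close the string literal and widen the deletion. The following is an added illustration of that pattern and one way to harden it, not Spring AI's own code; the `id in ["…"]` expression syntax, the `DeleteFilterDemo` class, and the sample IDs are assumptions constructed for the example.

```java
import java.util.List;
import java.util.regex.Pattern;

public class DeleteFilterDemo {

    // Vulnerable shape (illustrative, not Spring AI's code): IDs are spliced
    // straight into the filter string, so a quote inside an ID ends the literal.
    static String unsafeDeleteFilter(List<String> ids) {
        StringBuilder sb = new StringBuilder("id in [");
        for (int i = 0; i < ids.size(); i++) {
            if (i > 0) sb.append(", ");
            sb.append('"').append(ids.get(i)).append('"');
        }
        return sb.append(']').toString();
    }

    // Allow-list of characters a document ID is permitted to contain (assumed
    // policy for this example); anything else is rejected before it reaches
    // the filter language, which is safer than trying to escape it.
    private static final Pattern SAFE_ID = Pattern.compile("[A-Za-z0-9_\\-]{1,64}");

    static String safeDeleteFilter(List<String> ids) {
        if (ids == null || ids.isEmpty()) {
            throw new IllegalArgumentException("at least one document id is required");
        }
        StringBuilder sb = new StringBuilder("id in [");
        for (int i = 0; i < ids.size(); i++) {
            String id = ids.get(i);
            if (!SAFE_ID.matcher(id).matches()) {
                throw new IllegalArgumentException(
                        "rejecting document id with disallowed characters: " + id);
            }
            if (i > 0) sb.append(", ");
            sb.append('"').append(id).append('"');
        }
        return sb.append(']').toString();
    }

    public static void main(String[] args) {
        // Constructed sample input: the second "id" contains a quote and a
        // bracket, so in the unsafe builder it terminates the literal early.
        List<String> ids = List.of("doc-1", "x\"] || id != \"");

        System.out.println("unsafe filter: " + unsafeDeleteFilter(ids));
        try {
            safeDeleteFilter(ids);
        } catch (IllegalArgumentException e) {
            System.out.println("safe builder:  " + e.getMessage());
        }
        System.out.println("safe filter:   " + safeDeleteFilter(List.of("doc-1", "doc_2")));
    }
}
```

The practical check is to validate IDs against the format your own application assigns them, or to pass them through the store client's parameterised delete-by-ID API where one exists, rather than assembling a filter expression from caller-controlled strings.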
HIGH | MAY 08, 2026 | CVE-2026-41713
Description A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model…
HIGH | MAY 08, 2026 | CVE-2026-41712
Description Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users. Affected Spring Products and Versions Spring AI: 1.0.0 - 1.0.x 1.1.0 - 1.1.x Mitigation…
MODERATE | MAY 08, 2026 | CVE-2026-40989
Description Infinite recursion in the routing layer can cause request handling to fail with an OOM error. Affected Spring Products and Versions Spring Cloud Function 3.2.x 4.1.x 4.2.x 4.3.x 5.0.x Older, unsupported versions are also affected Mitigation Users of…
HIGH | MAY 06, 2026 | CVE-2026-40981
Description When Google Secrets Manager is used as a backend for the Spring Cloud Config server, a client can craft a request to the config server that potentially exposes secrets from unintended GCP projects. Affected Spring Products and Versions Spring Cloud Config…
CRITICAL | MAY 06, 2026 | CVE-2026-40982
Description Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user or attacker can send a request with a specially crafted URL that can lead to a directory traversal…
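A file-serving endpoint needs to confine every client-supplied path to its base directory after normalisation, not before. The block below is an added example of that check written against the plain JDK; it is not Spring Cloud Config's own implementation, and the `SafeResolve` class, the `/srv/config` base directory and the sample request paths are constructed for the illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class SafeResolve {

    // Resolve a client-supplied path inside a fixed base directory and reject
    // anything that, once "." and ".." segments are collapsed, lies outside it.
    // An absolute request path replaces the base on resolve(), so it is caught
    // by the same startsWith() test.
    static Path resolveInside(Path base, String requested) {
        Path root = base.toAbsolutePath().normalize();
        Path candidate = root.resolve(requested).normalize();
        // Path.startsWith compares whole name elements, so "/srv/config2"
        // does not pass as being under "/srv/config".
        if (!candidate.startsWith(root)) {
            throw new SecurityException("request escapes base directory: " + requested);
        }
        return candidate;
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/config");           // assumed base directory
        // Constructed sample requests: one legitimate, three traversal attempts.
        String[] samples = {
            "app/application.yml",
            "../../etc/passwd",
            "app/../../other/secret.txt",
            "/etc/passwd"
        };
        for (String s : samples) {
            try {
                System.out.println("allowed:  " + resolveInside(base, s));
            } catch (SecurityException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Two caveats apply in a real server: URL-decode the request exactly once before this check, so `%2e%2e` and double-encoded variants are seen as `..`; and if the base directory can contain symbolic links, compare `toRealPath()` results rather than normalised strings, since `normalize()` does not follow links.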
HIGH | MAY 06, 2026 | CVE-2026-41002
Description The base directory (spring.cloud.config.server.git.basedir) into which the Spring Cloud Config Server clones Git repositories is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Affected Spring Products and Versions Spring Cloud Config…
MEDIUM | MAY 06, 2026 | CVE-2026-41004
Description When trace logging is enabled in Spring Cloud Config Server, sensitive information is written to the logs in plain text. Affected Spring Products and Versions Spring Cloud Config: 3.1.x 4.1.x 4.2.x 4.3.x 5.0.x Older, unsupported versions are also…
MEDIUM | APRIL 28, 2026 | CVE-2026-40968
Description When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user…
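The failure mode described above is a thread-bound security context that is populated for a request but not cleared on the denial path, so the next request serviced by the same worker thread inherits it. The block below reproduces that mechanism with a `ThreadLocal` and a single-thread executor, and contrasts it with the try/finally shape that clears the context on every exit path. It is an added illustration, not Spring gRPC's or Spring Security's code; the `ThreadBoundIdentityDemo` class, the `handleLeaky`/`handleFixed` handlers and the sample users are constructed for the example.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class ThreadBoundIdentityDemo {

    // Per-thread "current principal", the shape of context many servers use
    // (assumed for this example; not a real framework's field).
    private static final ThreadLocal<String> PRINCIPAL = new ThreadLocal<>();

    // Leaky variant: the denial branch returns early and never clears the
    // thread-local, so the identity survives into the next request.
    static String handleLeaky(String authenticatedUser, boolean authorized) {
        if (authenticatedUser != null) {
            PRINCIPAL.set(authenticatedUser);
        }
        if (!authorized) {
            return "denied for " + PRINCIPAL.get();   // early return: no cleanup
        }
        String result = "ok for " + PRINCIPAL.get();
        PRINCIPAL.remove();                            // only the success path cleans up
        return result;
    }

    // Fixed variant: cleanup runs in finally, on every return and on exceptions.
    static String handleFixed(String authenticatedUser, boolean authorized) {
        if (authenticatedUser != null) {
            PRINCIPAL.set(authenticatedUser);
        }
        try {
            if (!authorized) {
                return "denied for " + PRINCIPAL.get();
            }
            return "ok for " + PRINCIPAL.get();
        } finally {
            PRINCIPAL.remove();
        }
    }

    public static void main(String[] args) throws Exception {
        // A single worker thread guarantees both requests run on the same thread,
        // the condition under which the leak is observable.
        ExecutorService worker = Executors.newSingleThreadExecutor();
        try {
            // Request 1: "alice" authenticates but is denied the method.
            System.out.println(worker.submit(() -> handleLeaky("alice", false)).get());
            // Request 2: anonymous caller on the same thread inherits alice's identity.
            System.out.println(worker.submit(() -> handleLeaky(null, true)).get());

            // Same sequence against the fixed handler: request 2 sees no principal.
            System.out.println(worker.submit(() -> handleFixed("alice", false)).get());
            System.out.println(worker.submit(() -> handleFixed(null, true)).get());
        } finally {
            worker.shutdown();
        }
    }
}
```

When reviewing an interceptor or filter for this class of bug, look for every path out of the method, including thrown exceptions and early `return`s on authorization failure, and confirm that each one reaches the code that clears the thread-bound context; a finally block is the simplest way to make that hold.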