CVE 9.1 CRITICAL

CVE-2026-40982_CVE-2026-40982

May 7, 2026 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.

AI Analysis

Directory traversal vulnerability in Spring Cloud Config

Basic Information

ID CVE-2026-40982

Source vmware

Published May 7, 2026 at 03:49

Affected Product

Vendor Spring

Product Spring Cloud Config

Version 3.1.0

Affected Versions Spring Spring Cloud Config 3.1.0
Spring Spring Cloud Config 4.1.0
Spring Spring Cloud Config 4.2.0
Spring Spring Cloud Config 4.3.0
Spring Spring Cloud Config 5.0.0

CWE Classification

CWE-22

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Spring

Product Spring Cloud Config

Version 3.1.0-3.1.13, 4.1.0-4.1.9, 4.2.0-4.2.6, 4.3.0-4.3.2, 5.0.0-5.0.2

References

spring.io /security/cve-2026-40982

{
    "lastseen": "",
    "description": "Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.\nSpring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.",
    "published": "2026-05-07T03:49:30.065Z",
    "modified": "2026-05-07T03:49:30.065Z",
    "type": "cve",
    "title": "CVE-2026-40982",
    "source": "vmware",
    "references": "https://spring.io/security/cve-2026-40982",
    "id": "CVE-2026-40982",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Spring Spring Cloud Config 3.1.0\nSpring Spring Cloud Config 4.1.0\nSpring Spring Cloud Config 4.2.0\nSpring Spring Cloud Config 4.3.0\nSpring Spring Cloud Config 5.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Spring Cloud Config",
    "version": "3.1.0",
    "vendor": "Spring",
    "ai_description": "Directory traversal vulnerability in Spring Cloud Config",
    "ai_severity": "Critical",
    "ai_vendor": "Spring",
    "ai_product": "Spring Cloud Config",
    "ai_version": "3.1.0-3.1.13, 4.1.0-4.1.9, 4.2.0-4.2.6, 4.3.0-4.3.2, 5.0.0-5.0.2",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply