VMware
Products by VMware Sorted by Most Security Vulnerabilities since 2018
Recent VMware Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2026-05-08 | CVE-2026-41713 (High): Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor | May 8, 2026 |
| 2026-05-08 | CVE-2026-41712 (High): ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage | May 8, 2026 |
| 2026-05-08 | CVE-2026-41705 (High): Expression injection in MilvusVectorStore doDelete allows data destruction | May 8, 2026 |
| 2026-05-08 | CVE-2026-40989 (Moderate): Self Routing guard bypassed via function composition | May 8, 2026 |
| 2026-05-08 | CVE-2026-40990 (Moderate): Unbounded cache for function definitions | May 8, 2026 |
| 2026-05-06 | CVE-2026-40982 (Critical): Directory Traversal with spring-cloud-config-server | May 6, 2026 |
| 2026-05-06 | CVE-2026-40981 (High): Spring Cloud Config Clients Can Access Secrets From Any Project The Config Server Has Access To On Google Secrets Manager | May 6, 2026 |
| 2026-05-06 | CVE-2026-41004 (Medium): Spring Cloud Config Server Logged Sensitive Information | May 6, 2026 |
| 2026-05-06 | CVE-2026-41002 (High): Spring Cloud Config Server Susceptible To TOCTOU Attack | May 6, 2026 |
| 2026-04-28 | CVE-2026-40969 (Low): Spring gRPC AuthenticationException message reflected to remote client | April 28, 2026 |
Known Exploited VMware Vulnerabilities
The following VMware vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| VMware ESXi and Workstation TOCTOU Race Condition Vulnerability | VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host. CVE-2025-22224 (Exploit Probability: 47.3%) | March 4, 2025 |
| VMware ESXi Arbitrary Write Vulnerability | VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox. CVE-2025-22225 (Exploit Probability: 10.0%) | March 4, 2025 |
| VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process. CVE-2025-22226 (Exploit Probability: 4.3%) | March 4, 2025 |
| VMware vCenter Server Heap-Based Buffer Overflow Vulnerability | VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet. CVE-2024-38812 (Exploit Probability: 77.9%) | November 20, 2024 |
| VMware vCenter Server Privilege Escalation Vulnerability | VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet. CVE-2024-38813 (Exploit Probability: 29.5%) | November 20, 2024 |
| VMware ESXi Authentication Bypass Vulnerability | VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. CVE-2024-37085 (Exploit Probability: 75.1%) | July 30, 2024 |
| VMware vCenter Server Incorrect Default File Permissions Vulnerability | VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information. CVE-2022-22948 (Exploit Probability: 26.0%) | July 17, 2024 |
| VMware vCenter Server Out-of-Bounds Write Vulnerability | VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution. CVE-2023-34048 (Exploit Probability: 93.2%) | January 22, 2024 |
| VMware Tools Authentication Bypass Vulnerability | VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability. CVE-2023-20867 (Exploit Probability: 2.9%) | June 23, 2023 |
| VMware Aria Operations for Networks Command Injection Vulnerability | VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that allows a malicious actor with network access to perform an attack resulting in remote code execution. CVE-2023-20887 (Exploit Probability: 94.3%) | June 22, 2023 |
| VMware Spring Cloud Gateway Code Injection Vulnerability | Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. CVE-2022-22947 (Exploit Probability: 94.5%) | May 16, 2022 |
| VMware Multiple Products Privilege Escalation Vulnerability | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. CVE-2022-22960 (Exploit Probability: 72.7%) | April 15, 2022 |
| VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability | VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection. CVE-2022-22954 (Exploit Probability: 94.4%) | April 14, 2022 |
| Spring Framework JDK 9+ Remote Code Execution Vulnerability | Spring MVC or Spring WebFlux applications running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. CVE-2022-22965 (Exploit Probability: 94.4%) | April 4, 2022 |
| VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability | VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution. CVE-2018-6961 (Exploit Probability: 93.6%) | March 25, 2022 |
| VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability | VMware vCenter Server and Cloud Foundation Server contain an SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure. CVE-2021-21973 (Exploit Probability: 90.4%) | March 7, 2022 |
| VMware Server Side Request Forgery in vRealize Operations Manager API | Server Side Request Forgery (SSRF) in the vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform an SSRF attack to steal administrative credentials. CVE-2021-21975 (Exploit Probability: 94.4%) | January 18, 2022 |
| VMware vCenter Server Improper Access Control | Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. CVE-2021-22017 (Exploit Probability: 74.8%) | January 10, 2022 |
| VMware ESXi/Horizon DaaS Appliances Heap-Overwrite Vulnerability | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service, resulting in remote code execution. CVE-2019-5544 (Exploit Probability: 92.5%) | November 3, 2021 |
| VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector Comm | VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. CVE-2020-4006 (Exploit Probability: 12.8%) | November 3, 2021 |
Of the known exploited vulnerabilities above, 10 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 6 known exploited VMware vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
Top 10 Riskiest VMware Vulnerabilities
These VMware vulnerabilities are on CISA's Known Exploited Vulnerabilities (KEV) list and are ranked by their current EPSS exploit probability.
| Rank | CVE | EPSS | Vulnerability |
|---|---|---|---|
| 1 | CVE-2022-22947 | 94.5% | VMware Spring Cloud Gateway Code Injection Vulnerability |
| 2 | CVE-2021-22005 | 94.5% | VMware vCenter Server File Upload |
| 3 | CVE-2022-22954 | 94.4% | VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability |
| 4 | CVE-2022-22965 | 94.4% | Spring Framework JDK 9+ Remote Code Execution Vulnerability |
| 5 | CVE-2021-21975 | 94.4% | VMware Server Side Request Forgery in vRealize Operations Manager API |
| 6 | CVE-2021-21985 | 94.4% | VMware vCenter Server Remote Code Execution Vulnerability |
| 7 | CVE-2020-3952 | 94.3% | VMware vCenter Server Info Disclosure Vulnerability |
| 8 | CVE-2023-20887 | 94.3% | VMware Aria Operations for Networks Command Injection Vulnerability |
| 9 | CVE-2021-21972 | 93.8% | VMware vCenter Server Remote Code Execution Vulnerability |
| 10 | CVE-2018-6961 | 93.6% | VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability |
By the Year
In 2026 there have been 53 vulnerabilities in VMware products, with an average score of 6.5 out of 10. Last year, in 2025, VMware had 39 security vulnerabilities published; that is, 14 more vulnerabilities have already been reported in 2026 than in all of last year. Last year's average CVE base score was greater by 0.68.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 53 | 6.51 |
| 2025 | 39 | 7.20 |
| 2024 | 52 | 7.02 |
| 2023 | 72 | 7.31 |
| 2022 | 79 | 7.21 |
| 2021 | 77 | 7.29 |
| 2020 | 61 | 7.01 |
| 2019 | 31 | 7.15 |
| 2018 | 59 | 7.33 |
It may take a day or so for new VMware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent VMware Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-41705 | May 09, 2026 | Filter-Expression Injection in Spring AI MilvusVectorStore#doDelete v1.0-1.1. Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 or greater. | |
| CVE-2026-40981 | May 07, 2026 | Spring Cloud Config Secrets Manager Bypass - Exposes GCP Secrets (v3.1-5.0). When using Google Secrets Manager as a backend for the Spring Cloud Config server, a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater. | |
| CVE-2026-41002 | May 07, 2026 | Spring Cloud Config Server TOCTOU via base directory 3.1.x-5.0.3. The base directory (`spring.cloud.config.server.git.basedir`) into which the Spring Cloud Config Server clones Git repositories is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater. | |
| CVE-2026-41004 | May 07, 2026 | Spring Cloud Config Trace Log Info Exposure CVE-2026-41004. When trace logging was enabled in Spring Cloud Config Server, sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater. | |
| CVE-2026-40982 | May 07, 2026 | Spring Cloud Config DT via Config Server CVE-2026-40982 (5.0.0-5.0.2). Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater. | |
| CVE-2026-22745 | Apr 29, 2026 | DoS via Slow Static Resource Resolve in Spring MVC/WebFlux on Windows. Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: (1) the application is using Spring MVC or Spring WebFlux; (2) the application is serving static resources from the file system; (3) the application is running on a Windows platform. When all the conditions above are met, the attacker can send malicious requests that are slow to resolve and that can keep HTTP connections in use. This can cause a Denial of Service on the application. | |
| CVE-2026-22741 | Apr 29, 2026 | Spring MVC static resource cache poisoning via encoded resource resolution. Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: (1) the application is using Spring MVC or Spring WebFlux; (2) the application is configuring the resource chain support (https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title) with caching enabled; (3) the application adds support for encoded resource resolution; (4) the resource cache is empty when the attacker has access to the application. When all the conditions above are met, the attacker can send malicious requests and poison the resource cache with resources using the wrong encoding. This can cause a denial of service by breaking the front-end application for clients. | |
| CVE-2026-22740 | Apr 29, 2026 | Spring WebFlux multipart temp file retention (disk space depletion). A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain undeleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are also affected. | |
| CVE-2026-40969 | Apr 28, 2026 | Spring gRPC 1.0.0-1.0.2 AuthEx Leakage via gRPC Status. The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC 1.0.0 - 1.0.2 (fixed in 1.0.3). Older, unsupported versions are also affected. | |
| CVE-2026-40968 | Apr 28, 2026 | Spring gRPC auth ID retained on thread, pre-1.0.3. When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions: Spring gRPC 1.0.0 - 1.0.2 (fixed in 1.0.3). Older, unsupported versions are also affected. | |
| CVE-2026-40980 | Apr 28, 2026 | Spring AI ForkPDFLayoutTextStripper DoS via crafted PDF (1.0.0-1.1.4). In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by `ForkPDFLayoutTextStripper`. Affected versions: Spring AI 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5). | |
| CVE-2026-40979 | Apr 28, 2026 | Spring AI 1.0.0-1.0.5 / 1.1.0-1.1.4 Shared Env Exposes ONNX (fixed 1.0.6/1.1.5). In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5). | |
| CVE-2026-40978 | Apr 28, 2026 | Spring AI 1.0.0-1.0.5 / 1.1.0-1.1.4 SQLi in CosmosDBVectorStore (fixed 1.0.6/1.1.5). SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5). | |
| CVE-2026-40966 | Apr 28, 2026 | Spring AI VSCMA Exfiltration via conversationId Injection. In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users' chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input as a conversationId are affected. | |
| CVE-2026-40967 | Apr 28, 2026 | Spring AI 1.0-1.0.5 Query-Language Injection via Unescaped Filters. In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate it to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5). | |
| CVE-2026-40977 | Apr 27, 2026 | Spring Boot 2.7-4.0.6 ApplicationPidFileWriter PID File Corruption. When an application is configured to use `ApplicationPidFileWriter`, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14), 3.4.0-3.4.15 (fix 3.4.16), 3.3.0-3.3.18 (fix 3.3.19), 2.7.0-2.7.32 (fix 2.7.33); PID file / symlink behavior (`ApplicationPidFileWriter`). Versions that are no longer supported are also affected per vendor advisory. | |
| CVE-2026-40976 | Apr 27, 2026 | Spring Boot 4.0.5 Default Security Filter Chain Bypass. In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter chain; depend on spring-boot-actuator-autoconfigure; not depend on spring-boot-health. If any of the above does not apply, the application is not vulnerable. Affected: Spring Boot 4.0.0-4.0.5; upgrade to 4.0.6 or later per vendor advisory. | |
| CVE-2026-40975 | Apr 27, 2026 | Spring Boot Weak PRNG in Random Value Property Source (before 4.0.6). Values produced by `${random.value}` are not suitable for use as secrets. `${random.uuid}` is not affected. `${random.int}` and `${random.long}` should never be used for secrets as they are numeric values with a predictable range. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14), 3.4.0-3.4.15 (fix 3.4.16), 3.3.0-3.3.18 (fix 3.3.19), 2.7.0-2.7.32 (fix 2.7.33); random value property source / weak PRNG for secrets. Versions that are no longer supported are also affected per vendor advisory. | |
| CVE-2026-40974 | Apr 27, 2026 | Spring Boot Cassandra SSL Hostname Verification Failure (pre 4.0.6, 3.5.14, ...). Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cassandra. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14), 3.4.0-3.4.15 (fix 3.4.16), 3.3.0-3.3.18 (fix 3.3.19), 2.7.0-2.7.32 (fix 2.7.33); Cassandra SSL auto-configuration. Versions that are no longer supported are also affected per vendor advisory. | |
| CVE-2026-40973 | Apr 27, 2026 | Spring Boot 4 Session Hijack via ApplicationTemp TempDir. A local attacker on the same host as the application may be able to take control of the directory used by `ApplicationTemp`. When `server.servlet.session.persistent` is set to `true` and the attack persists across application restarts, this may allow the attacker to read session information and hijack authenticated users, or to deploy a gadget chain and execute code as the application's user. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14), 3.4.0-3.4.15 (fix 3.4.16), 3.3.0-3.3.18 (fix 3.3.19), 2.7.0-2.7.32 (fix 2.7.33); predictable temp directory / `ApplicationTemp` ownership verification. Versions that are no longer supported are also affected per vendor advisory. | |
| CVE-2026-40972 | Apr 27, 2026 | Timing Attack RCE via Remote Secret Comparison in Spring Boot 3.x. An attacker on the same network as the remote application may be able to use a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code execution in the remote application. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14), 3.4.0-3.4.15 (fix 3.4.16), 3.3.0-3.3.18 (fix 3.3.19), 2.7.0-2.7.32 (fix 2.7.33); DevTools remote secret comparison. Versions that are no longer supported are also affected per vendor advisory. | |
| CVE-2026-40971 | Apr 27, 2026 | Spring Boot 4.0.0-4.0.5/3.5.0-3.5.13 RabbitMQ SSL Hostname Verification Bypass. When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0-4.0.5 (fix 4.0.6), 3.5.0-3.5.13 (fix 3.5.14) per vendor advisory. | |
| CVE-2026-40970 | Apr 27, 2026 | Spring Boot 4.0.0-4.0.5: Omitted Hostname Verification in ES SSL Auto-Config. When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server. Affected: Spring Boot 4.0.0-4.0.5; upgrade to 4.0.6 or later per vendor advisory. | |
| CVE-2026-22754 | Apr 22, 2026 | Spring Security 7.0.0-7.0.4: Auth Bypass via Servlet Path. Vulnerability in Spring Security. If an application uses `<sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/>` to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lead to an authorization bypass. This issue affects Spring Security: from 7.0.0 through 7.0.4. | |
| CVE-2026-22753 | Apr 22, 2026 | Spring Security 7.0.0-7.0.4 Matcher Security Bypass. Vulnerability in Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related security components will not be exercised as intended by the application. This can lead to the authentication, authorization, and other security controls being rendered inactive on intended requests. This issue affects Spring Security: from 7.0.0 through 7.0.4. | |
| CVE-2026-22748 | Apr 22, 2026 | Spring Security 6/7 JWT Decoder Missing Token Validator (CVE-2026-22748). Vulnerability in Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an `OAuth2TokenValidator<Jwt>` separately, for example by calling setJwtValidator. This issue affects Spring Security: from 6.3.0 through 6.3.14, from 6.4.0 through 6.4.14, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4. | |
| CVE-2026-22747 | Apr 22, 2026 | Spring Security 7.0.0-7.0.4 SubjectX500PrincipalExtractor X.509 CN flaw impersonation. Vulnerability in Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. With a carefully crafted certificate, this can lead to an attacker impersonating another user. This issue affects Spring Security: from 7.0.0 through 7.0.4. | |
| CVE-2026-22746 | Apr 22, 2026 | Spring Security 5.7-7.0 DAO Auth Timing Attack Bypass via Disabled/Locked. Vulnerability in Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes to enable, expire, or lock users, then DaoAuthenticationProvider's timing attack defense can be bypassed for users who are disabled, expired, or locked. This issue affects Spring Security: from 5.7.0 through 5.7.22, from 5.8.0 through 5.8.24, from 6.3.0 through 6.3.15, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4. | |
| CVE-2026-22751 | Apr 21, 2026 | SpringSec TOCTOU Race JdbcOneTimeTokenSrv v6.4.0-6.4.15/6.5.0-6.5.9/7.0.0-7.0.4. Vulnerability in Spring Security. Applications that explicitly configure One-Time Token login with JdbcOneTimeTokenService are vulnerable to a Time-of-check Time-of-use (TOCTOU) race condition. This issue affects Spring Security: from 6.4.0 through 6.4.15, from 6.5.0 through 6.5.9, from 7.0.0 through 7.0.4. | |
| CVE-2026-22750 | Apr 10, 2026 | Spring Cloud Gateway SSL Bundle Config Ignored (CVE-2026-22750). When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud Gateway 4.2.0 and are not an enterprise customer, you can upgrade to any Spring Cloud Gateway 4.2.x release newer than 4.2.0 available on Maven Central (https://repo1.maven.org/maven2/org/springframework/cloud/spring-cloud-gateway/). Ideally, if you are not an enterprise customer, you should be upgrading to 5.0.2 or 5.1.1, which are the current supported open source releases. | |
| CVE-2026-22744 | Mar 27, 2026 | Spring AI redis-store TAG Injection via RedisFilterExpressionConverter (pre 1.0.5/1.1.3). In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the `@field:{VALUE}` RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4. | |
| CVE-2026-22743 | Mar 27, 2026 | Neo4jVectorFilterExpressionConverter Cypher Injection in SpringAI Neo4j Store <1.0.5 & <1.1.4. Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey() embeds the key into a backtick-delimited Cypher property accessor (node.`metadata.`) after stripping only double quotes, without escaping embedded backticks. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4. | |
| CVE-2026-22742 | Mar 27, 2026 | Spring AI spring-ai-bedrock-converse SSRF in BedrockProxyChatModel pre-1.1.4. Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests to unintended internal or external destinations. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4. | |
| CVE-2026-22738 | Mar 27, 2026 | Spring AI SpEL Injection via SimpleVectorStore (1.0.0-1.0.4, 1.1.0-1.1.3). In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression key are affected. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4. | |
| CVE-2026-22739 | Mar 24, 2026 | Spring Cloud PT via Profile Param (<3.1.13/4.1.9/4.2.3/4.3.2/5.0.2). Vulnerability in Spring Cloud when substituting the profile parameter from a request made to a Spring Cloud Config Server configured with the native file system as a backend, because it was possible to access files outside of the configured search directories. This issue affects Spring Cloud: from 3.1.X before 3.1.13, from 4.1.X before 4.1.9, from 4.2.X before 4.2.3, from 4.3.X before 4.3.2, from 5.0.X before 5.0.2. | |
| CVE-2026-22737 | Mar 19, 2026 | Spring Framework 5.3.46-7.0.5 Path Traversal via Java Script Views. Use of Java scripting engine enabled (e.g. JRuby, Jython) template views in Spring MVC and Spring WebFlux applications can result in disclosure of content from files outside the configured locations for script template views. This issue affects Spring Framework: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46. | |
| CVE-2026-22735 | Mar 19, 2026 | Spring MVC/WebFlux SSE Stream Corruption for v5.3-7.0.5. Spring MVC and WebFlux applications are vulnerable to stream corruption when using Server-Sent Events (SSE). This issue affects Spring Foundation: from 7.0.0 through 7.0.5, from 6.2.0 through 6.2.16, from 6.1.0 through 6.1.25, from 5.3.0 through 5.3.46. | |
| CVE-2026-22733 | Mar 19, 2026 | Spring Security 4.0.3 Auth Bypass via CloudFoundry Actuator (CVE-2026-22733). Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from 3.5.0 through 3.5.11, from 3.4.0 through 3.4.14, from 3.3.0 through 3.3.17, from 2.7.0 through 2.7.31. | |
| CVE-2026-22732 | Mar 19, 2026 | Spring Security HTTP Header Write Failure before 7.0.4. When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP headers will not be written. This issue affects Spring Security Servlet applications using lazy (default) writing of HTTP headers: from 5.7.0 through 5.7.21, from 5.8.0 through 5.8.23, from 6.3.0 through 6.3.14, from 6.4.0 through 6.4.14, from 6.5.0 through 6.5.8, from 7.0.0 through 7.0.3. | |
| CVE-2026-22731 | Mar 19, 2026 | Auth Bypass in Spring Boot Actuator Health Group <=4.0.3. Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path already configured for a Health Group additional path. This issue affects Spring Boot: from 4.0 before 4.0.3, from 3.5 before 3.5.11, from 3.4 before 3.4.15. This CVE is similar but not equivalent to CVE-2026-22733, as the conditions for exploit and vulnerable versions are different. | |
| CVE-2026-22729 | Mar 18, 2026 | JSONPath Injection in Spring AI AbstractFilterExpressionConverter. A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper escaping, enabling attackers to inject arbitrary JSONPath logic and access unauthorized documents. This vulnerability affects applications using vector stores that extend AbstractFilterExpressionConverter for multi-tenant isolation, role-based access control, or document filtering based on metadata. The vulnerability occurs when user-supplied values in filter expressions are not escaped before being inserted into JSONPath queries. Special characters like `"`, `\|\|`, and `&&` are passed through unescaped, allowing injection of arbitrary JSONPath logic that can alter the intended query semantics. | |
|
| CVE-2026-22730 | Mar 18, 2026 |
SQLi in Spring AI's MariaDBFilterExpressionConverter Bypass Metadata ControlsA critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization. |
|
| CVE-2026-22717 | Feb 27, 2026 |
VMware Workstation OOB Read Host Info DisclosureOut-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed. |
|
| CVE-2026-22716 | Feb 27, 2026 |
VMware Workstation OoB Read Leak <=25H1Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes. |
|
| CVE-2026-22722 | Feb 26, 2026 |
Authenticated User Null Pointer Deref in VMware Workstation on WindowsA malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix' |
|
| CVE-2026-22715 | Feb 26, 2026 |
VMware Workstation/Fusion VM Network Packet Interception FlawVMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1 |
|
| CVE-2026-22721 | Feb 25, 2026 |
Privilege Escalation in VMware Aria Ops via vCenter AccessVMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 . |
And others... |
| CVE-2026-22720 | Feb 25, 2026 |
VMware Aria Ops XS: Privileged XSS for Admin ActionsVMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947https:// . |
And others... |
| CVE-2026-22719 | Feb 25, 2026 |
VMware Aria Ops cmd injection leads to RCE during migrationVMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001 Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001 |
And others... |
| CVE-2026-2818 | Feb 20, 2026 |
Zip-Slip Path Traversal in Spring Data Geode Import Snapshot (Windows Only)A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only. |