Zero Day Monitor (ZDM)
Zero Day Monitor © 2026
CVE-2026-40981 (CVSS 7.5) · EXPLOITED · PATCHED
Vendor: spring · Product: spring cloud config

CVE-2026-40981: When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the co

Description

CVE-2026-40981: Spring Cloud Config Clients Can Access Secrets From Any Project The Config Server Has Access To On Google Secrets Manager

Affected Products

Vendor: spring
Product: spring cloud config
Affected versions (maven/org.springframework.cloud:spring-cloud-config):

  • >= 3.1.0, <= 3.1.13
  • >= 4.1.0, <= 4.1.9
  • >= 4.2.0, <= 4.2.6
  • >= 4.3.0, <= 4.3.2
  • >= 5.0.0, <= 5.0.2

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor / Product (Source, Confidence):

  • maven / org.springframework.cloud:spring-cloud-config (GHSA, 85%)
  • vmware tanzu / spring cloud (cert_advisory, 90%)

References

  • https://spring.io/security/cve-2026-40981

Related News (4 articles)

  • Tier B · CCCS Canada · 4d ago: Spring security advisory (AV26-431) → No new info (linked only)
  • Tier B · BSI Advisories · 4d ago: [NEW] [high] VMware Tanzu Spring Cloud Config: Multiple vulnerabilities → No new info (linked only)
  • Tier C · VulDB · 4d ago: CVE-2026-40981 | Spring Cloud Config up to 5.0.2 authorization → No new info (linked only)
  • Tier B · CERT-FR · 4d ago: Multiple vulnerabilities in Spring Cloud Config (07 May 2026) → No new info (linked only)
CVSS 3.1: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA KEV: No
Actively exploited: Yes
Patch available: org.springframework.cloud:spring-cloud-config@4.3.3, org.springframework.cloud:spring-cloud-config@5.0.3
CWE: CWE-639
Published: May 7, 2026
Last enriched: 4d ago (v2)
Tags: security advisory, critical update
Trending Score: 40
Source articles: 4
Independent: 4
Info Completeness: 10/14
Missing: epss, kev, iocs, mitre_attack


Related CVEs (5)

  • CVE-2026-40982 (CRITICAL, EXP) · Trending: 75
    CVE-2026-40982: Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server
  • CVE-2026-41002 (HIGH, EXP) · Trending: 37
    CVE-2026-41002: The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git reposi
  • CVE-2026-41004 (MEDIUM) · Trending: 22
    CVE-2026-41004: When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Sp
  • CVE-2026-22740 (LOW, EXP) · Trending: 9
    Spring Framework DoS with Multipart Temp Files in WebFlux
  • CVE-2026-40979 (MEDIUM) · Trending: 7
    CVE-2026-40979: In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected version


Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • CVE Published: May 7, 2026
  • Discovered by ZDM: May 7, 2026
  • Actively Exploited: May 7, 2026
  • Exploit Available: May 7, 2026
  • Patch Available: May 7, 2026
  • Updated (description, severity, exploitAvailable, activelyExploited, tags): May 7, 2026

Version History

Current version: v2 (last enriched 4d ago)

  • v2 · Tier B · 4d ago · via CCCS Canada
    Updated description for CVE-2026-40981, changed severity to CRITICAL, and marked exploit as available and actively exploited.
    Fields changed: description, severity, exploitAvailable, activelyExploited, tags
  • v1 · 4d ago
    Initial creation