CVE-2026-40979
Status: Received - Intake
Information Disclosure in Spring AI Exposes ONNX Models

Publication date: 2026-04-28

Last updated on: 2026-04-29

Assigner: VMware

Description
In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
Meta Information
Published: 2026-04-28
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-04-28
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vmware spring_ai From 1.0.0 (inc) to 1.0.6 (exc)
vmware spring_ai From 1.1.0 (inc) to 1.1.5 (exc)
CWE ID Description
CWE-377 Creating and using insecure temporary files can leave application and system data vulnerable to attack.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability exposes the ONNX model cache in shared environments due to a world-writable and predictable /tmp directory, allowing unauthorized local users to access or tamper with cached model files.

Such unauthorized access and potential tampering pose confidentiality and integrity risks, which could impact compliance with standards and regulations like GDPR and HIPAA that require protection of sensitive data and integrity of systems.

However, the provided information does not explicitly detail the direct effects on compliance with these regulations.


Can you explain this vulnerability to me?

CVE-2026-40979 is a moderate severity vulnerability in Spring AI versions 1.0.0 through 1.0.5 and 1.1.0 through 1.1.4. The issue occurs because the ONNX model cache is stored in a world-writable and predictable /tmp directory by default. This setup can expose the ONNX model used by the application in shared environments.

Specifically, applications using the TransformersEmbeddingModel with caching enabled at the default location are affected. Unauthorized local users can potentially access or tamper with the cached model files, which leads to risks related to confidentiality and integrity of the model.

The vulnerability is fixed in Spring AI versions 1.0.6 and 1.1.5.


How can this vulnerability impact me?

This vulnerability can impact you by allowing unauthorized local users to access or modify cached ONNX model files used by your Spring AI application.

The confidentiality of the model data is at risk, as unauthorized users might read sensitive model information.

The integrity of the model is also at high risk, since attackers could tamper with the cached files, potentially causing the application to behave incorrectly or insecurely.


What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to upgrade Spring AI to the fixed versions.

  • Upgrade to version 1.0.6 if you are using the 1.0.x branch.
  • Upgrade to version 1.1.5 if you are using the 1.1.x branch.

No additional mitigation steps are necessary beyond upgrading.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability arises because the ONNX model cache defaults to a world-writable and predictable /tmp directory, which can expose cached model files to unauthorized local users.

To detect if your system is vulnerable, you can check if the Spring AI application is using versions 1.0.0 through 1.0.5 or 1.1.0 through 1.1.4, and if the ONNX model cache is stored in the /tmp directory with world-writable permissions.

  • Check the Spring AI version installed on your system.
  • Check the permissions of the /tmp directory and the ONNX model cache files within it.

Example commands to check permissions and files:

  1. To check the Spring AI version (adjust the command to your environment): `spring-ai --version`, or check your application's dependency manifest.
  2. To list the permissions of the /tmp directory: `ls -ld /tmp`
  3. To find ONNX model cache files in /tmp and check their permissions: `ls -l /tmp | grep onnx`
  4. To check whether the /tmp directory or cache files are world-writable: `stat /tmp` and `stat /tmp/<onnx-cache-file>`

If the cache files are world-writable or accessible by unauthorized users, and your Spring AI version is vulnerable, your system is exposed to this vulnerability.
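The following POSIX shell script is an added example, not part of this record or of the Spring AI project. It automates the checks above from the defender's side: it classifies a Spring AI version against the affected ranges stated in this record, pulls the version out of a Maven or Gradle manifest (the `<spring-ai.version>` property name is an assumption), and scans a cache directory (default /tmp, the location this record describes) for model files that other local users can read or write. The `*.onnx` file extension and the flat file layout are assumptions about how the cache looks on disk; adjust them to what your deployment actually writes.

```shell
#!/bin/sh
# Added example for CVE-2026-40979 (not from the advisory or Spring AI itself).
# Check 1: is the Spring AI version in an affected range (1.0.0-1.0.5, 1.1.0-1.1.4)?
# Check 2: does the ONNX cache directory (default /tmp) expose model files to
#          other local users, either by being world-writable itself or by
#          holding world-readable/world-writable model files?

# Returns 0 (true) when VERSION is one of the affected Spring AI releases.
# Ranges are exactly those in the record; 1.0.6 and 1.1.5 are the fixed releases.
spring_ai_affected() {
  case "$1" in
    1.0.[0-5]) return 0 ;;
    1.1.[0-4]) return 0 ;;
    *)         return 1 ;;
  esac
}

# Reads a Maven pom.xml or Gradle build file on stdin and prints the first
# Spring AI version it finds. Assumed forms (not taken from the advisory):
#   <spring-ai.version>1.0.3</spring-ai.version>   Maven property (assumed name)
#   org.springframework.ai:spring-ai-bom:1.0.3     Gradle coordinate
extract_spring_ai_version() {
  sed -n \
    -e 's/.*<spring-ai\.version>\([0-9][0-9.]*\)<\/spring-ai\.version>.*/\1/p' \
    -e 's/.*org\.springframework\.ai:[a-z-]*:\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Returns 0 when PATH grants write permission to "others" (world-writable).
# find -perm -o+w tests the mode bits themselves, unlike [ -w ], which only
# tells you whether the *current* user can write.
world_writable() {
  [ -e "$1" ] || return 1
  [ -n "$(find "$1" -prune -perm -o+w 2>/dev/null)" ]
}

# Returns 0 when PATH grants read permission to "others".
world_readable() {
  [ -e "$1" ] || return 1
  [ -n "$(find "$1" -prune -perm -o+r 2>/dev/null)" ]
}

# Prints one line per finding in CACHE_DIR:
#   WARN    <dir>   the cache directory itself is world-writable (the root cause
#                   this record describes for the default /tmp location)
#   EXPOSED <file>  a model file other local users can read or write
#   OK      <file>  a model file only its owner (and group) can reach
scan_onnx_cache() {
  dir="$1"
  [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 0; }
  if world_writable "$dir"; then
    echo "WARN    $dir"
  fi
  # *.onnx is an assumed naming convention for the cached model files.
  find "$dir" -type f -name '*.onnx' 2>/dev/null | while IFS= read -r f; do
    if world_writable "$f" || world_readable "$f"; then
      echo "EXPOSED $f"
    else
      echo "OK      $f"
    fi
  done
}

# Returns 0 when the scan produced at least one WARN or EXPOSED line.
cache_is_exposed() {
  scan_onnx_cache "$1" | grep -q -e '^WARN' -e '^EXPOSED'
}

# Usage: sh check_onnx_cache.sh [pom.xml|build.gradle] [cache-dir]
main() {
  manifest="${1:-pom.xml}"
  cache="${2:-/tmp}"
  if [ -r "$manifest" ]; then
    v=$(extract_spring_ai_version < "$manifest")
    if [ -n "$v" ] && spring_ai_affected "$v"; then
      echo "Spring AI $v is in an affected range; upgrade to 1.0.6 or 1.1.5"
    elif [ -n "$v" ]; then
      echo "Spring AI $v is not in an affected range"
    fi
  fi
  scan_onnx_cache "$cache"
}

main "$@"
```

Run it from the application's build directory with the cache directory as the second argument; a `WARN` line on the default /tmp is expected on almost every system and is exactly why the fixed releases move the cache elsewhere, so the upgrade, not a chmod on /tmp, is the remediation.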

