CVE-2026-40982
Received Received - Intake
BaseFortify

Publication date: 2026-05-07

Last updated on: 2026-05-07

Assigner: VMware

Description
Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-07
Generated
2026-05-07
AI Q&A
2026-05-07
EPSS Evaluated
N/A
NVD
CVE-2026-40982
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
vmware spring_cloud_config From 3.1.0 (inc) to 3.1.13 (inc)
vmware spring_cloud_config From 4.1.0 (inc) to 4.1.9 (inc)
vmware spring_cloud_config From 4.2.0 (inc) to 4.2.6 (inc)
vmware spring_cloud_config From 4.3.0 (inc) to 4.3.2 (inc)
vmware spring_cloud_config From 5.0.0 (inc) to 5.0.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-40982 is a critical directory traversal vulnerability in the Spring Cloud Config server module.

It allows attackers to send specially crafted URLs to the server, which can then be exploited to access arbitrary files on the server.

This means an attacker can potentially read sensitive files that should not be accessible.


How can this vulnerability impact me? :

This vulnerability can have a severe impact as it allows unauthorized access to arbitrary files on the server.

An attacker could read sensitive configuration files or other critical data, potentially leading to information disclosure.

Such exposure could compromise the security of your applications and infrastructure.


What immediate steps should I take to mitigate this vulnerability?

To mitigate the CVE-2026-40982 vulnerability, you should upgrade your Spring Cloud Config server to a fixed version that addresses the directory traversal issue.

  • Upgrade to version 3.1.14 or greater if you are using the 3.1.x series (Enterprise Support Only).
  • Upgrade to version 4.1.10 or greater if you are using the 4.1.x series (Enterprise Support Only).
  • Upgrade to version 4.2.7 or greater if you are using the 4.2.x series (Enterprise Support Only).
  • Upgrade to version 4.3.3 or greater if you are using the 4.3.x series (OSS).
  • Upgrade to version 5.0.3 or greater if you are using the 5.0.x series (OSS).

Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart