CVE-2026-40977 | Vmware Spring Boot up to 4.0.5 PID File ApplicationPidFileWriter link following

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability was found in Vmware Spring Boot up to 2.7.32/3.3.18/3.4.15/3.5.13/4.0.5. It has been declared as critical. The affected element is the function ApplicationPidFileWriter of the component PID File Handler. The manipulation results in link following.

This vulnerability is cataloged as CVE-2026-40977. The attack must be initiated from a local position. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-40977 | Vmware Spring Boot up to 4.0.5 PID File ApplicationPidFileWriter link following

Post correlati

CVE-2024-21575 | ltdrdata ComfyUI-Impact-Pack up to 7.6.1 POST Request /upload/temp filename path traversal

CVE-2025-1701 | MIM Admin Service up to 7.2.12/7.3.7/7.4.2 RMI Interface input validation

CVE-2025-68306 | Linux Kernel up to 6.12.60/6.17.10 Bluetooth hci_cmd_sync_work null pointer dereference

CVE-2024-30472 | Dell Wyse 5070 Thin Client 1.0.0.8 information disclosure (dsa-2024-229)