CVE-2026-40980 | Vmware Spring AI up to 1.0.5/1.1.4 PDF File ForkPDFLayoutTextStripper resource consumption

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability has been found in Vmware Spring AI up to 1.0.5/1.1.4 and classified as problematic. Affected by this issue is the function ForkPDFLayoutTextStripper of the component PDF File Handler. Performing a manipulation results in resource consumption.

This vulnerability was named CVE-2026-40980. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-40980 | Vmware Spring AI up to 1.0.5/1.1.4 PDF File ForkPDFLayoutTextStripper resource consumption

Post correlati

CVE-2024-53388 | mavo 0.3.2 HTML Element HTML injection

CVE-2025-15003 | SeaCMS up to 13.3 admin_video.php e_id sql injection

CVE-2024-27808 | Apple Safari Web Contents memory corruption

CVE-2023-50952 | IBM InfoSphere Information Server 11.7 server-side request forgery (XFDB-275774)