Spring
CVE-2026-2817
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to unintended exposure of cache data.
AnalysisAI
Spring Data Geode's snapshot import functionality uses predictable temporary directories with overly permissive permissions, allowing local users on shared systems to read cache data belonging to other users. An attacker with basic local privileges can access and extract snapshot contents without authorization, compromising the confidentiality of sensitive cached information. No patch is currently available for this medium-severity vulnerability.
Technical ContextAI
Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp location. On shared hosts, a local user with basic privileges can access another user’s extracted snapshot contents, leading to unintended exposure of cache data.
Affected ProductsAI
Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, permissive directories under the system temp locati
RemediationAI
Monitor vendor advisories for a patch.
Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. Rated critical severi
Access control bypass in SpringBlade v4.5.0 importUser function allows low-privileged users to import sensitive user dat
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant
SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through t
Spring Security Aspects may not correctly locate method security annotations on private methods. Rated critical severity
EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been crea
Arbitrary command execution in the VSCode Spring CLI extension allows local users with interactive access to execute arb
Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to
Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. Ra
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarc
The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarch
A vulnerability was found in Exrick xboot up to 3.3.4. Rated medium severity (CVSS 5.5), this vulnerability is remotely
Vendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today