CVE-2026-40979
published 2026-04-28CVE-2026-40979: In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in…
PriorityP428medium6.1CVSS 3.1
AVLACLPRLUINSUCLIHAN
EPSS
0.10%
1.3th percentile
In Spring AI, having access to a shared environment can expose the ONNX model used by the application.
Affected versions:
Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| spring | spring_ai | >= 1.0.0 < 1.0.6 | 1.0.6 |
| spring | spring_ai | >= 1.1.0 < 1.1.5 | 1.1.5 |
| vmware | spring_ai | >= 1.0.0 < 1.0.6 | 1.0.6 |
| vmware | spring_ai | >= 1.1.0 < 1.1.5 | 1.1.5 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Vmware Spring AI up to 1.0.5/1.1.4 ONNX Model TransformersEmbeddingModel temp file
vuldb·2026-04-28·CVSS 6.1
CVE-2026-40979 [MEDIUM] Vmware Spring AI up to 1.0.5/1.1.4 ONNX Model TransformersEmbeddingModel temp file
A vulnerability, which was classified as problematic, was found in Vmware Spring AI up to 1.0.5/1.1.4. Affected by this vulnerability is the function TransformersEmbeddingModel of the component ONNX Model Handler. Such manipulation leads to insecure temporary file.
This vulnerability is uniquely identified as CVE-2026-40979. Local access is required to approach this attack. No exploit exists.
You should upgrade the affected component.
GHSA
Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory
ghsa·2026-04-28
CVE-2026-40979 [MEDIUM] CWE-377 Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory
Spring AI's ONNX model cache defaults to world-writable predictable /tmp directory
In Spring AI, having access to a shared environment can expose the ONNX model used by the application.
Affected versions:
Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-04-28
Published