Vulnerability intelligence
CVE-2026-40999
When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affected versions: Spring Web Services 5.0.0 through 5.0.1; 4.1.0 through 4.1.3; 4.0.0 through 4.0.18; 3.1.0 through 3.1.8.
CVSS Score
8.6
High
EPSS — Exploit Probability
0.0%
Riskier than 10% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
unknown
Check vendor advisories
1 article across 1 outlet · first covered Jun 12, 2026 · latest Jun 12, 2026
Tracked incidents
Coverage timeline
- Spring Framework Patches Critical Flaws, Urges Immediate Upgrade (securityonline.info · Jun 12, 2026)