CVE-2026-41002
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-41002
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Spring | Spring Cloud Config | 3.1.0 ~ 3.1.14 | - |
II. Public POCs for CVE-2026-41002
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-41002
Please Login to view more intelligence information
Same Patch Batch · Spring · 2026-05-07 · 4 CVEs total
| CVE-2026-40982 | 9.1 CRITICAL | Spring Cloud Config目录遍历漏洞 |
| CVE-2026-40981 | 7.5 HIGH | Spring Cloud Config 远程代码执行漏洞 |
| CVE-2026-41004 | 4.4 MEDIUM | Spring Cloud Config多版本敏感信息明文日志泄露 |
IV. Related Vulnerabilities
Same weakness: CWE-367
- CVE-2026-42344
FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress al - CVE-2026-44694
n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API clien - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2026-34354
Akamai GPA/ZTC 本地权限提升漏洞(影响7.0-7.3.1等版本) - CVE-2026-44112
OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenSh
V. Comments for CVE-2026-41002
No comments yet