Incorrect permission assignment for critical resource in Spring AI - CVE-2026-40979

Published: April 27, 2026


Vulnerability identifier: #VU128240
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-40979
CWE-ID: CWE-732
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Pivotal
Affected software:
Spring AI

Detailed vulnerability description

The vulnerability allows a local user to disclose the ONNX model used by the application and modify cached model data.

The vulnerability exists due to improper access control in the ONNX model cache: the default cache location is a predictable path under the world-writable /tmp directory. A local user can read or alter files in that cache directory, disclosing the ONNX model used by the application and modifying cached model data.

Only applications that use TransformersEmbeddingModel with caching enabled and the default cache location are affected.
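The following audit script is an added example, not code from this advisory or from Spring AI. It checks a model cache directory for the two weaknesses described above (a predictable path under the shared temp directory, and files or directories another local user could read or modify) and shows how to create a private 0700 cache directory instead; it assumes a POSIX host, and the file names and byte contents it writes are constructed placeholders.

```python
import os
import stat
import tempfile
from pathlib import Path

OTHER_WRITE = stat.S_IWGRP | stat.S_IWOTH
OTHER_READ = stat.S_IRGRP | stat.S_IROTH


def cache_dir_findings(cache_dir: str) -> list[str]:
    """Audit a model cache directory for the CWE-732 weaknesses above:
    a predictable path under the shared temp directory, and entries that
    a different local user could read (model disclosure) or write (tampering)."""
    findings = []
    p = Path(cache_dir).resolve()
    tmp = Path(tempfile.gettempdir()).resolve()
    if p == tmp or tmp in p.parents:
        findings.append(f"{p}: predictable path under shared temp dir {tmp}")
    if not p.exists():
        return findings
    for entry in [p, *p.rglob("*")]:
        st = entry.stat()
        if st.st_uid != os.getuid():
            findings.append(f"{entry}: owned by uid {st.st_uid}, not this user")
        if st.st_mode & OTHER_WRITE:
            findings.append(f"{entry}: writable by group/others (cache tampering)")
        if st.st_mode & OTHER_READ:
            findings.append(f"{entry}: readable by group/others (model disclosure)")
    return findings


def create_private_cache_dir(cache_dir: str) -> Path:
    """Create the cache directory and force mode 0700; chmod is applied after
    mkdir because mkdir's mode argument is masked by the process umask."""
    p = Path(cache_dir)
    p.mkdir(parents=True, exist_ok=True)
    os.chmod(p, 0o700)
    return p


def demo() -> tuple[list[str], list[str]]:
    """Constructed scenario: a world-writable cache under the temp dir (the weak
    default described in the advisory) beside a private 0700 directory.
    Both are kept under the temp dir so the demo writes nowhere else; in
    production the private cache belongs on an application-owned path."""
    weak = Path(tempfile.mkdtemp(prefix="onnx-cache-weak-"))
    os.chmod(weak, 0o777)
    (weak / "model.onnx").write_bytes(b"constructed placeholder, not a real model")
    os.chmod(weak / "model.onnx", 0o666)
    private = create_private_cache_dir(str(Path(tempfile.mkdtemp()) / "onnx-cache"))
    (private / "model.onnx").write_bytes(b"constructed placeholder, not a real model")
    os.chmod(private / "model.onnx", 0o600)
    return cache_dir_findings(str(weak)), cache_dir_findings(str(private))
```

Running `demo()` reports tampering and disclosure findings for the weak directory, while the private directory only triggers the predictable-path finding because the demo deliberately keeps it under the temp directory.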


How to mitigate CVE-2026-40979

Install the security update from the vendor's website.

Sources