CVE-2026-40970
medium
CVSS v3
6.8
CVSS v2
—
VIR risk
6.8
Description
Spring Boot's Elasticsearch auto-configuration doesn't perform hostname verification when connecting to the Elasticsearch server.
Predictions
Exploit likelihood
67%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: security@vmware.com — https://spring.io/security/cve-2026-40970
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Maven | org.springframework.boot:spring-boot-elasticsearch | >=4.0.0,<4.0.6 | 4.0.6 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| vmware | spring_boot | >= 4.0.0, < 4.0.6 | 4.0.6 |
References
CWEs
CWE-295 (Improper Certificate Validation)