VIR Vulnerability Intelligence Relay

Package impact

java MAVEN / org.springframework.boot:spring-boot-elasticsearch

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-40970 medium 6.8 6.8 1mo ago Spring Boot's Elasticsearch auto-configuration doesn't perform hostname verification when connecting to the Elasticsearch server.