CVE-2026-40979 | Vmware Spring AI up to 1.0.5/1.1.4 ONNX Model TransformersEmbeddingModel temp file

A vulnerability, which was classified as problematic, was found in Vmware Spring AI up to 1.0.5/1.1.4. Affected by this vulnerability is the function TransformersEmbeddingModel of the component ONNX Model Handler. Such manipulation leads to insecure temporary file.

This vulnerability is uniquely identified as CVE-2026-40979. Local access is required to approach this attack. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More