CVE-2026-40974 | Vmware Spring Boot up to 4.0.5 Cassandra Auto-Configuration certificate validation

A vulnerability was found in Vmware Spring Boot up to 2.7.32/3.3.18/3.4.15/3.5.13/4.0.5. It has been declared as critical. This vulnerability affects unknown code of the component Cassandra Auto-Configuration. Executing a manipulation can lead to improper certificate validation.

This vulnerability is registered as CVE-2026-40974. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More