CVE-2026-40994 | Vmware Spring Web Services up to 3.1.8/4.0.18/4.1.3/5.0.1 insecure default initialization of resource

A vulnerability has been found in Vmware Spring Web Services up to 3.1.8/4.0.18/4.1.3/5.0.1 and classified as critical. This affects an unknown function. This manipulation causes insecure default initialization of resource.

This vulnerability is registered as CVE-2026-40994. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More