Spring cloud config

This hub aggregates every CVE we track for Spring cloud config, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 10 most recently published vulnerabilities affecting Spring cloud config.

• CVE-2026-40981When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring...7.5May 7, 2026
• CVE-2026-41002The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Sprin...7.2May 7, 2026
• CVE-2026-41004When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgr...4.4May 7, 2026
• CVE-2026-40982Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially c...9.1May 7, 2026
• CVE-2026-22739Spring Cloud Config Profile Substitution Can Allow Unintended Access To Files And Enable SSRF Attacks8.6Mar 24, 2026
• CVE-2025-22232Spring Cloud Config Server May Not Use Vault Token Sent By Clients5.3Apr 10, 2025
• CVE-2023-20859In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attem...5.5Mar 23, 2023
• CVE-2020-5410Directory Traversal with spring-cloud-config-serverKEV7.5Jun 2, 2020
• CVE-2020-5405Directory Traversal with spring-cloud-config-server6.5Mar 5, 2020
• CVE-2019-3799Directory Traversal with spring-cloud-config-server6.5May 6, 2019