By vendor
Vmware vulnerabilities
Known CVEs affecting Vmware products, prioritized by severity, with SEC.co remediation and detection guidance.
2 published vulnerabilities
- CVE-2026-40989MEDIUM 5.7
Spring Cloud Function versions across multiple release lines contain a flaw in the routing layer that can trigger infinite recursion during request handling. This recursion exhausts available memory, causing an out-of-memory (OOM) error that crashes the application. The vulnerability requires either physical access to the system or authenticated local access to exploit, which limits its immediate risk in cloud-native deployments but remains a concern for containerized environments or systems with weak internal network segmentation.
- CVE-2026-40990MEDIUM 5.7
A resource exhaustion flaw exists in Spring Cloud Function that allows an attacker to trigger out-of-memory (OOM) errors by registering an excessive number of functions in the Function Registry. The vulnerability requires local or adjacent network access and user interaction, making it a medium-severity concern primarily affecting development and hybrid deployment environments. Multiple versions across Spring Cloud Function 3.2 through 5.0 are vulnerable.