cyberLOW2026-04-27 23:32 UTC

CVE-2026-40975 - Spring Boot Weak PRNG for Secrets

CVE ID :CVE-2026-40975 Published : April 27, 2026, 11:32 p.m. | 29 minutes ago Description :Values produced by ${random.value} are not suitable for use as secrets. ${random.uuid} is not affected. ${random.int} and ${random.long} should never be used for secrets as they are numeric values with

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] CVE-2026-7214 - eghuzefa engineer-your-data server.py file_inf path traversal
[CYBER] CVE-2026-7213 - ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal
[CYBER] CVE-2026-7211 - dvladimirov MCP Git Search API mcp_server.py GitSearchRequest command injection
[CYBER] CVE-2026-7206 - dubydu sqlite-mcp entry.py extract_to_json sql injection
[CYBER] CVE-2026-7205 - duartium papers-mcp-server main.py search_papers path traversal
[CYBER] CVE-2026-7204 - Totolink A8000RU CGI cstecgi.cgi setPptpServerCfg os command injection

Editorial policy · Report a correction