Description
In Spring AI, having access to a shared environment can expose the ONNX model used by the application.

Affected versions:
Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
Published: 2026-04-28
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive model disclosure
Action: Patch Now
AI Analysis

Impact

The vulnerability allows an attacker who can access a shared environment to read or copy the ONNX model used by the application, exposing valuable intellectual property. It is a confidentiality issue aligned with CWE‑377, where improper configuration of shared resources enables data leakage.

Affected Systems

Spring AI versions 1.0.0 through 1.0.5 and 1.1.0 through 1.1.4 are impacted; the problem is fixed in 1.0.6 and 1.1.5.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. With no EPSS score available and the vulnerability not listed in CISA KEV, the attack likelihood hinges on the attacker’s ability to share the same environment. The most likely vector is local access or compromise of an application that shares the environment, allowing the attacker to read the model. Though it does not allow remote code execution, the exposure of the model can lead to intellectual‑property theft and potentially enable further attacks or reverse engineering.

Generated by OpenCVE AI on April 28, 2026 at 12:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Spring AI to version 1.0.6 or newer, or to 1.1.5 or newer, to apply the vendor fix.
  • Configure the application to run in an isolated environment where no other processes can access the shared environment, ensuring the ONNX model is not exposed to unintended entities.
  • Restrict file system permissions on the ONNX model so that only the executing application process can read it, preventing other users or processes from viewing the model data.

Generated by OpenCVE AI on April 28, 2026 at 12:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://spring.io/security/cve-2026-40979 cve-icon cve-icon
History

Tue, 28 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 28 Apr 2026 12:45:00 +0000

Type Values Removed Values Added
Title Exposure of ONNX Model via Shared Environment in Spring AI

Tue, 28 Apr 2026 09:15:00 +0000

Type Values Removed Values Added
Description In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
Weaknesses CWE-377
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: vmware

Published:

Updated: 2026-04-28T12:33:07.977Z

Reserved: 2026-04-16T02:19:04.616Z

Link: CVE-2026-40979

cve-icon Vulnrichment

Updated: 2026-04-28T12:33:03.027Z

cve-icon NVD

Status : Received

Published: 2026-04-28T09:16:16.767

Modified: 2026-04-28T09:16:16.767

Link: CVE-2026-40979

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T12:30:31Z

Weaknesses