Medium severity5.7NVD Advisory· Published Jun 1, 2026· Updated Jun 5, 2026
CVE-2026-40990
CVE-2026-40990
Description
OOM error is possible while attempting to add infinite amount of functions to Function Registry.
Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud Function 4.3.x: versions prior to 4.3.3 Spring Cloud Function 5.0.x: versions prior to 5.0.2 Older, unsupported versions are also affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*Range: >=3.2.0,<3.2.16
- Range: <3.2.16, <4.1.10, <4.2.6, <4.3.3, <5.0.2
Patches
Vulnerability mechanics
References
1- spring.io/security/cve-2026-40990nvdVendor Advisory
News mentions
0No linked articles in our index yet.