VYPR

Maven package

org.springframework.boot/spring-boot-devtools

pkg:maven/org.springframework.boot/spring-boot-devtools

Vulnerabilities (1)

  • CVE-2026-40972HigApr 28, 2026
    affected >= 4.0.0, < 4.0.6fixed 4.0.6

    An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving rem