CVE-2026-40990

MEDIUM NVD

CVSS Score 5.7

Severity MEDIUM

Published Jun 01, 2026

Vendor unknown

Description

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud Function 4.3.x: versions prior to 4.3.3 Spring Cloud Function 5.0.x: versions prior to 5.0.2 Older, unsupported versions are also affected.

References

https://spring.io/security/cve-2026-40990