CVE-2026-41701

MEDIUM NVD

CVSS Score 4.4

Severity MEDIUM

Published Jun 10, 2026

Vendor unknown

Description

Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.

References

https://spring.io/security/cve-2026-41701