Critical Vulnerabilities in Spring Boot's SSL Configuration for Elasticsearch and RabbitMQ
Severity: High (Score: 70.5)
Sources: spring.io
Summary
Two critical vulnerabilities have been identified in Spring Boot's auto-configuration for Elasticsearch and RabbitMQ: CVE-2026-40970 affects the Elasticsearch auto-configuration and CVE-2026-40971 affects the RabbitMQ auto-configuration. Both occur when the auto-configuration is set to use an SSL bundle: in that case TLS hostname verification is disabled for connections to the respective server, so a client will accept a certificate whose subject does not match the host it is connecting to. If exploited, this could expose users to man-in-the-middle attacks. Users of affected versions are advised to upgrade to fixed versions immediately; no further mitigation steps are necessary beyond upgrading. The vulnerabilities were reported by Yu Bao from PayPal and were disclosed on April 27, 2026.
Key Points
- CVE-2026-40970 and CVE-2026-40971 disable TLS hostname verification in Spring Boot.
- Affected systems include Elasticsearch and RabbitMQ when using SSL bundles.
- Immediate upgrades to fixed versions are required to mitigate these vulnerabilities.
Key Entities
- Zero-day Exploit (attack_type)
- CVE-2026-40970 (cve)
- CVE-2026-40971 (cve)
- CWE-295 - Improper Certificate Validation (cwe)
- paypal.com (domain)
- Apache Tomcat (platform)
- Elasticsearch (platform)
- OpenJDK (platform)
- RabbitMQ (platform)
- Spring (platform)