AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-40979: In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected version

mediumvulnerability

security

Source: NVD/CVE DatabaseApril 28, 2026CVE-2026-40979

Summary

CVE-2026-40979 is a security flaw in Spring AI (a framework for building AI applications) where someone with access to a shared computing environment can find and view the ONNX model (a type of machine learning model file) that the application uses. This vulnerability affects Spring AI versions 1.0.0 through 1.0.5 and 1.1.0 through 1.1.4.

Solution / Mitigation

Fixed in Spring AI version 1.0.6 and version 1.1.5.

Vulnerability Details

CVSS Score

6.1(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Attack Vector

local

Attack Complexity

low

Privileges Required

low

User Interaction

none

Disclosure Date

April 28, 2026

Classification

Attack Type

Data Extraction

Attack SophisticationTrivial

Impact (CIA+S)

confidentialityintegrity

Taxonomy References

CWE (Weakness Type)

CWE-377

Affected Vendors

Related Issues

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

Similar attackNVD/CVE Database

high

CVE-2025-54868: LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint

Similar attack

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-40979

First tracked: April 28, 2026 at 08:09 AM

Classified by LLM (prompt v3) · confidence: 85%