Vulnerability in Awspring Spring-cloud-aws
CVE-2026-44308
Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support (@NotificationMessageMapping, @NotificationSubscriptio…
EPSS: 0.001 (28.6th percentile) — read the EPSS interpretation.
Affected products
- Awspring Spring-cloud-aws — versions >= 3.0.0, < 4.0.2
- Io.awspring.cloud Spring-cloud-aws-sns — versions >= 3.0.0, < 4.0.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)