Spring Spring Grpc
2 CVEs affecting Spring Spring Grpc. Latest disclosed: 2026-04-28. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40968 | Medium | 4.2 | 2026-04-28 | When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a su… |
CVE-2026-40969 | Low | 3.7 | 2026-04-28 | The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an at… |