CVE-2026-41701

Published: Giu 10, 2026 Last Modified: Giu 10, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 4,4

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: high

User Interaction: none

Scope: changed

Confidentiality: low

Integrity: low

Availability: none

Description

AI Translation Available

Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter.

Affected versions:
Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0003

Percentile

0,1th

Updated

EPSS Score Trend (Last 5 Days)

330

Use of Insufficiently Random Values

Stable

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Other Access Control

Potential Impacts:

Other Bypass Protection Mechanism Gain Privileges Or Assume Identity

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: High

View CWE Details

https://spring.io/security/cve-2026-41701

CVE-2026-41701

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 5 Days)

Use of Insufficiently Random Values

Common Consequences

Applicable Platforms

Iscriviti alla newsletter