Critical Spring Cloud Config Flaws Can Expose Files and GCP Secrets

The Spring team has patched four Spring Cloud Config Server vulnerabilities that can expose sensitive files, Google Cloud secrets, Git repository paths, and internal log data. The flaws affect several supported release lines, so teams running Spring Cloud Config Server should upgrade as soon as possible. The most serious bug, CVE-2026-40982, carries a critical severity […] The post Critical Spring Cloud Config Flaws Can Expose Files and GCP Secrets appeared first on VPN Central.