CVE-2026-40975 Overview
A significant cryptographic vulnerability has been identified in VMware Spring Boot's random value property source. The ${random.value} placeholder produces values that are not suitable for use as secrets due to the underlying weak pseudo-random number generator (PRNG) implementation. This allows attackers to potentially predict generated values and compromise application security where these values are used for sensitive purposes such as API keys, session tokens, or encryption keys.
Critical Impact
Applications using ${random.value} for generating secrets, tokens, or cryptographic keys are vulnerable to prediction attacks, potentially leading to unauthorized access and data exposure.
Affected Products
- VMware Spring Boot 4.0.0–4.0.5
- VMware Spring Boot 3.5.0–3.5.13
- VMware Spring Boot 3.4.0–3.4.15
- VMware Spring Boot 3.3.0–3.3.18
- VMware Spring Boot 2.7.0–2.7.32
- Older unsupported versions per vendor advisory
Discovery Timeline
- 2026-04-28 - CVE-2026-40975 published to NVD
- 2026-04-30 - Last updated in NVD database
Technical Details for CVE-2026-40975
Vulnerability Analysis
This vulnerability (CWE-330: Use of Insufficiently Random Values) stems from the random value property source in Spring Boot using a weak PRNG for generating ${random.value} outputs. While ${random.uuid} is not affected by this issue, the ${random.value} placeholder generates values that lack sufficient cryptographic strength for use in security-sensitive contexts.
The vulnerability is particularly concerning because developers may inadvertently use ${random.value} in configuration files for generating secrets, API keys, or other sensitive values without realizing the underlying weakness. The predictable nature of the PRNG output means that an attacker who can observe or infer the initial state could potentially predict future values.
It's important to note that ${random.int} and ${random.long} should never be used for secrets regardless, as they produce numeric values with predictable ranges. However, the primary concern with this CVE is the false sense of security that ${random.value} provides.
Root Cause
The root cause of CVE-2026-40975 lies in the implementation of the random value property source, which uses an insufficiently random PRNG algorithm for generating ${random.value} outputs. The PRNG implementation does not meet the cryptographic requirements necessary for generating secure secrets, making the output predictable under certain conditions.
Attack Vector
The attack vector for this vulnerability is network-based, requiring no privileges or user interaction. An attacker could exploit this vulnerability through the following mechanism:
- Observation Phase: The attacker identifies applications using ${random.value} for security-sensitive purposes such as session tokens or API keys
- Analysis Phase: By collecting multiple generated values, the attacker can analyze patterns and potentially determine the PRNG state
- Prediction Phase: Once the PRNG state is understood, the attacker can predict future values
- Exploitation Phase: Using predicted values, the attacker gains unauthorized access to protected resources or bypasses authentication mechanisms
The vulnerability manifests in Spring Boot's property resolution mechanism when applications rely on ${random.value} for generating secrets. Attackers with knowledge of the weak PRNG implementation can perform statistical analysis on observed values to predict future outputs. For detailed technical information, refer to the Spring Security Advisory CVE-2026-40975.
Detection Methods for CVE-2026-40975
Indicators of Compromise
- Configuration files (application.properties, application.yml) containing ${random.value} used for secrets, tokens, or cryptographic keys
- Application logs showing predictable patterns in generated random values
- Unexpected successful authentication attempts using predicted session tokens or API keys
- Anomalous access patterns that suggest credential prediction attacks
Detection Strategies
- Audit application configuration files for usage of ${random.value} in security-sensitive contexts
- Implement code review processes to identify and flag usage of weak random value sources for secrets
- Deploy SentinelOne Singularity Platform to monitor for suspicious authentication patterns and credential-based attacks
- Use static application security testing (SAST) tools to scan for vulnerable configurations
Monitoring Recommendations
- Enable detailed logging for authentication and authorization events to detect potential exploitation
- Monitor for unusual patterns in API key usage that might indicate prediction attacks
- Set up alerts for multiple failed authentication attempts followed by successful access
- Track and baseline normal application behavior to identify anomalies indicative of compromised secrets
How to Mitigate CVE-2026-40975
Immediate Actions Required
- Inventory all Spring Boot applications to identify affected versions
- Audit configuration files for usage of ${random.value} in security contexts
- Replace ${random.value} with cryptographically secure alternatives such as java.security.SecureRandom or external secret management solutions
- Rotate any secrets that may have been generated using ${random.value}
Patch Information
VMware has released patched versions that address this vulnerability. Organizations should upgrade to the following fixed versions:
| Affected Version Range | Fixed Version |
|---|---|
| 4.0.0–4.0.5 | 4.0.6 |
| 3.5.0–3.5.13 | 3.5.14 |
| 3.4.0–3.4.15 | 3.4.16 |
| 3.3.0–3.3.18 | 3.3.19 |
| 2.7.0–2.7.32 | 2.7.33 |
For complete patch information and additional guidance, consult the Spring Security Advisory CVE-2026-40975.
Workarounds
- Replace all instances of ${random.value} used for secrets with java.security.SecureRandom in application code
- Use ${random.uuid} as a temporary alternative, which is not affected by this vulnerability
- Implement external secret management solutions such as HashiCorp Vault or AWS Secrets Manager
- For containerized environments, inject secrets as environment variables from secure external sources
# Configuration example - Replace weak random values with secure alternatives
# Instead of using ${random.value} in application.properties:
# api.secret=${random.value} # VULNERABLE
# Use environment variables from secure secret management:
# api.secret=${API_SECRET}
# Or generate secrets using SecureRandom in Java code:
# SecureRandom secureRandom = new SecureRandom();
# byte[] secretBytes = new byte[32];
# secureRandom.nextBytes(secretBytes);
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
