CVE-2026-2817

Name of the Vulnerable Software and Affected Versions Spring Data Geode (affected versions not specified)

Description The software has a flaw related to insecure directory usage during snapshot imports. Specifically, archives are extracted into predictable and overly permissive directories within the system's temporary location. This can lead to unauthorized access to cache data on shared hosts, as a local user with limited privileges may be able to access the extracted contents of another user's snapshot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.