CVE-2026-40965

CRITICAL

Cloud Foundry UAA v76.12.0-v78.12.0 - EC Private Key Exposure via /token_keys Endpoint

Description

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to private key exposure: EC (Elliptic Curve) private keys are inadvertently exposed through the public /token_keys endpoint. This endpoint is designed to provide public key material for JWT token verification but incorrectly exposes private key components for EC keys. The vulnerability affects only deployments that use EC keys for JWT token signing; RSA key configurations are not affected.

Affected versions:

- uaa_release: v76.12.0 through v78.12.0 (inclusive); fixed in v78.13.0 or later
- CF Deployment: v30.0.0 through v56.0.0 (inclusive); fixed in v56.1.0 or later (bundles uaa_release v78.13.0)
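As an added audit check (not code from the advisory or from the UAA project), the function below inspects a JWK Set of the kind a /token_keys endpoint serves, reports every key that carries private JWK members (for EC keys the scalar "d"), and produces the public-only set the endpoint should have returned. The sample key set is constructed, with placeholder key values.

```python
import json

# JWK members that carry private material and must never appear in a
# published key set (RFC 7517 / RFC 7518), grouped by key type.
PRIVATE_MEMBERS = {
    "EC": {"d"},                                   # EC private scalar
    "RSA": {"d", "p", "q", "dp", "dq", "qi", "oth"},  # RSA private exponent + CRT parts
    "oct": {"k"},                                  # symmetric key value
}


def leaked_keys(jwks_json: str) -> list:
    """Return one finding per key in the JWK Set that exposes private members."""
    doc = json.loads(jwks_json)
    findings = []
    for jwk in doc.get("keys", []):
        kty = jwk.get("kty")
        exposed = sorted(PRIVATE_MEMBERS.get(kty, set()) & set(jwk))
        if exposed:
            findings.append({"kid": jwk.get("kid"), "kty": kty, "private_members": exposed})
    return findings


def public_only(jwks_json: str) -> str:
    """Rewrite the set with private members removed: the form /token_keys should serve."""
    doc = json.loads(jwks_json)
    cleaned = []
    for jwk in doc.get("keys", []):
        secret = PRIVATE_MEMBERS.get(jwk.get("kty"), set())
        cleaned.append({m: v for m, v in jwk.items() if m not in secret})
    return json.dumps({"keys": cleaned})


# Constructed sample (placeholder base64url values, not real keys): an EC P-256
# signing key published together with its private scalar "d", next to a
# correctly published RSA key that carries only "n" and "e".
SAMPLE_JWKS = json.dumps({"keys": [
    {"kty": "EC", "kid": "ec-key-1", "use": "sig", "alg": "ES256", "crv": "P-256",
     "x": "CONSTRUCTED_X_COORD", "y": "CONSTRUCTED_Y_COORD", "d": "CONSTRUCTED_PRIVATE_D"},
    {"kty": "RSA", "kid": "rsa-key-1", "use": "sig", "alg": "RS256",
     "n": "CONSTRUCTED_MODULUS", "e": "AQAB"},
]})

if __name__ == "__main__":
    for finding in leaked_keys(SAMPLE_JWKS):
        print(f"key {finding['kid']} ({finding['kty']}) exposes {finding['private_members']}")
    print(public_only(SAMPLE_JWKS))
```

Run the same check against the JSON your own UAA returns from /token_keys; any non-empty result means the signing key must be treated as compromised and rotated, not merely hidden.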

References (1)

Scores

CVSS v3 10.0
EPSS 0.0030
EPSS Percentile 21.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-200
Status published
Products (2)
Cloud Foundry Foundation/CF Deployment 30.0.0 - 56.1.0
Cloud Foundry Foundation/uaa_release 76.12.0 - 78.13.0
Published Jun 01, 2026
Tracked Since Jun 02, 2026