Product
An unauthenticated attacker can exploit CVE-2026-62242, a server-side request forgery vulnerability in Spring Boot Admin Server before 4.1.2, to force the server to make requests to arbitrary internal addresses and exfiltrate sensitive data, including cloud credentials.