Hibernate Reactive Connection Leak Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in Hibernate Reactive. When an HTTP endpoint is exposed for database operations, a remote client can prematurely close the HTTP connection. This disconnection can cause database connections to leak from the connection pool, potentially exhausting available connections and leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition by leaking database connections, which can exhaust the connection pool and prevent other processes from accessing the database.

Added: Jan 26, 2026, 8:27 PM

Updated: Jan 26, 2026, 8:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.0

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hibernate Reactive Connection Leak Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating