PT-2026-34253 · Spring · Spring Security
Published 2026-04-22 · Updated 2026-04-23 · CVE-2026-22753
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Spring Security versions 7.0.0 through 7.0.4
Description
An issue exists when an application utilizes the securityMatchers(String) method and a PathPatternRequestMatcher.Builder bean to prepend a servlet path. This configuration can cause request matching to the filter chain to fail, preventing related security components from executing. Consequently, authentication, authorization, and other security controls may become inactive for the intended requests.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
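An added example, not part of the advisory or of Spring Security's own code: a regression test that checks whether a filter chain scoped by a string pattern is actually applied to a request under a servlet path supplied through a PathPatternRequestMatcher.Builder bean. The servlet path "/mvc", the pattern "/api/**", the class and bean names, the constructed test user, and the use of `http.securityMatcher("/api/**")` as the string-based matcher form are assumptions.

```java
// Added example; "/mvc", "/api/**", class/bean names and the test user are assumptions.
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
import org.springframework.test.context.junit.jupiter.web.SpringJUnitWebConfig;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@SpringJUnitWebConfig(ServletPathChainMatchTest.Config.class)
class ServletPathChainMatchTest {
    @Configuration @EnableWebMvc @EnableWebSecurity
    static class Config {
        @Bean // builder bean that prepends the servlet path to string patterns
        PathPatternRequestMatcher.Builder servletPathBuilder() {
            return PathPatternRequestMatcher.withDefaults().basePath("/mvc");
        }
        @Bean // chain scoped by a string pattern; intended to cover /mvc/api/**
        SecurityFilterChain apiChain(HttpSecurity http) throws Exception {
            return http.securityMatcher("/api/**")
                .authorizeHttpRequests(a -> a.anyRequest().authenticated())
                .httpBasic(Customizer.withDefaults())
                .build();
        }
        @Bean // constructed test user so HTTP Basic has an authentication source
        UserDetailsService users() {
            return new InMemoryUserDetailsManager(
                User.withUsername("user").password("{noop}constructed").roles("USER").build());
        }
    }
    @Test // an anonymous request under the servlet path must be handled by the chain
    void anonymousRequestIsChallenged(@Autowired WebApplicationContext ctx) throws Exception {
        MockMvc mvc = MockMvcBuilders.webAppContextSetup(ctx).apply(springSecurity()).build();
        mvc.perform(get("/mvc/api/orders").servletPath("/mvc"))
           .andExpect(status().isUnauthorized());
    }
}
```

If the chain is not matched, the request passes through without the chain's filters and the assertion on 401 fails, which makes the test usable as a gate while evaluating any upgrade or configuration change.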
Weakness Enumeration
Protection Mechanism Failure
Related Identifiers
Affected Products
Spring Security