PT-2026-34254 · VMware · Spring Security

Published: 2026-04-22 · Updated: 2026-05-07 · CVE-2026-22754

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Spring Security versions 7.0.0 through 7.0.4

Description
An issue exists where the servlet path is not included when computing a path matcher if an application uses '<sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/>' to define the servlet path. Consequently, the related authorization rules are not exercised, which can lead to an authorization bypass.

Recommendations
Update Spring Security to a version later than 7.0.4.

Tags: Fix · RCE · Improper Access Control


Weakness Enumeration

Related Identifiers

CVE-2026-22754
GHSA-4VRC-J85C-598C

Affected Products

Spring Security