CVE-2026-22747
MEDIUMDescription
Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. This issue affects Spring Security: from 7.0.0 through 7.0.4.
Is your site exposed to CVE-2026-22747?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| vmware | spring_security |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2026-22747? +
How severe is CVE-2026-22747? +
What products are affected by CVE-2026-22747? +
How do I check if I'm vulnerable to CVE-2026-22747? +
Related Vulnerabilities
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. …
Allow attackers to intercept or falsify data exchanges between the client and the server
An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain …
It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the …
A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, …
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName …