CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-22733

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from 3.5.0 through 3.5.11, from 3.4.0 through 3.4.14, from 3.3.0 through 3.3.17, from 2.7.0 through 2.7.31.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.6%

CVSS Severity

CVSS v3 Score 8.2

References

https://spring.io/security/cve-2026-22733

Products affected by CVE-2026-22733

Vmware » Spring Boot » Version: Any

cpe:2.3:a:vmware:spring_boot:*
Vmware » Spring Boot » Version: 0.5.0

cpe:2.3:a:vmware:spring_boot:0.5.0
Vmware » Spring Boot » Version: 1.0.0

cpe:2.3:a:vmware:spring_boot:1.0.0
Vmware » Spring Boot » Version: 1.0.1

cpe:2.3:a:vmware:spring_boot:1.0.1
Vmware » Spring Boot » Version: 1.0.2

cpe:2.3:a:vmware:spring_boot:1.0.2
Vmware » Spring Boot » Version: 1.1.0

cpe:2.3:a:vmware:spring_boot:1.1.0
Vmware » Spring Boot » Version: 1.1.1

cpe:2.3:a:vmware:spring_boot:1.1.1
Vmware » Spring Boot » Version: 1.1.10

cpe:2.3:a:vmware:spring_boot:1.1.10
Vmware » Spring Boot » Version: 1.1.11

cpe:2.3:a:vmware:spring_boot:1.1.11
Vmware » Spring Boot » Version: 1.1.12

cpe:2.3:a:vmware:spring_boot:1.1.12
Vmware » Spring Boot » Version: 1.1.2

cpe:2.3:a:vmware:spring_boot:1.1.2
Vmware » Spring Boot » Version: 1.1.3

cpe:2.3:a:vmware:spring_boot:1.1.3
Vmware » Spring Boot » Version: 1.1.4

cpe:2.3:a:vmware:spring_boot:1.1.4
Vmware » Spring Boot » Version: 1.1.5

cpe:2.3:a:vmware:spring_boot:1.1.5
Vmware » Spring Boot » Version: 1.1.6

cpe:2.3:a:vmware:spring_boot:1.1.6
Vmware » Spring Boot » Version: 1.1.7

cpe:2.3:a:vmware:spring_boot:1.1.7
Vmware » Spring Boot » Version: 1.1.8

cpe:2.3:a:vmware:spring_boot:1.1.8
Vmware » Spring Boot » Version: 1.1.9

cpe:2.3:a:vmware:spring_boot:1.1.9
Vmware » Spring Boot » Version: 1.2.0

cpe:2.3:a:vmware:spring_boot:1.2.0
Vmware » Spring Boot » Version: 1.2.1

cpe:2.3:a:vmware:spring_boot:1.2.1
Vmware » Spring Boot » Version: 1.2.2

cpe:2.3:a:vmware:spring_boot:1.2.2
Vmware » Spring Boot » Version: 1.2.3

cpe:2.3:a:vmware:spring_boot:1.2.3
Vmware » Spring Boot » Version: 1.2.4

cpe:2.3:a:vmware:spring_boot:1.2.4
Vmware » Spring Boot » Version: 1.2.5

cpe:2.3:a:vmware:spring_boot:1.2.5
Vmware » Spring Boot » Version: 1.2.6

cpe:2.3:a:vmware:spring_boot:1.2.6
Vmware » Spring Boot » Version: 1.2.7

cpe:2.3:a:vmware:spring_boot:1.2.7
Vmware » Spring Boot » Version: 1.2.8

cpe:2.3:a:vmware:spring_boot:1.2.8
Vmware » Spring Boot » Version: 1.3.0

cpe:2.3:a:vmware:spring_boot:1.3.0
Vmware » Spring Boot » Version: 1.3.1

cpe:2.3:a:vmware:spring_boot:1.3.1
Vmware » Spring Boot » Version: 1.3.2

cpe:2.3:a:vmware:spring_boot:1.3.2
Vmware » Spring Boot » Version: 1.3.3

cpe:2.3:a:vmware:spring_boot:1.3.3
Vmware » Spring Boot » Version: 1.3.4

cpe:2.3:a:vmware:spring_boot:1.3.4
Vmware » Spring Boot » Version: 1.3.5

cpe:2.3:a:vmware:spring_boot:1.3.5
Vmware » Spring Boot » Version: 1.3.6

cpe:2.3:a:vmware:spring_boot:1.3.6
Vmware » Spring Boot » Version: 1.3.7

cpe:2.3:a:vmware:spring_boot:1.3.7
Vmware » Spring Boot » Version: 1.3.8

cpe:2.3:a:vmware:spring_boot:1.3.8
Vmware » Spring Boot » Version: 1.4.0

cpe:2.3:a:vmware:spring_boot:1.4.0
Vmware » Spring Boot » Version: 1.4.1

cpe:2.3:a:vmware:spring_boot:1.4.1
Vmware » Spring Boot » Version: 1.4.2

cpe:2.3:a:vmware:spring_boot:1.4.2
Vmware » Spring Boot » Version: 1.4.3

cpe:2.3:a:vmware:spring_boot:1.4.3
Vmware » Spring Boot » Version: 1.4.4

cpe:2.3:a:vmware:spring_boot:1.4.4
Vmware » Spring Boot » Version: 1.4.5

cpe:2.3:a:vmware:spring_boot:1.4.5
Vmware » Spring Boot » Version: 1.4.6

cpe:2.3:a:vmware:spring_boot:1.4.6
Vmware » Spring Boot » Version: 1.4.7

cpe:2.3:a:vmware:spring_boot:1.4.7
Vmware » Spring Boot » Version: 1.5.0

cpe:2.3:a:vmware:spring_boot:1.5.0
Vmware » Spring Boot » Version: 1.5.1

cpe:2.3:a:vmware:spring_boot:1.5.1
Vmware » Spring Boot » Version: 1.5.10

cpe:2.3:a:vmware:spring_boot:1.5.10
Vmware » Spring Boot » Version: 1.5.11

cpe:2.3:a:vmware:spring_boot:1.5.11
Vmware » Spring Boot » Version: 1.5.12

cpe:2.3:a:vmware:spring_boot:1.5.12
Vmware » Spring Boot » Version: 1.5.13

cpe:2.3:a:vmware:spring_boot:1.5.13
Vmware » Spring Boot » Version: 1.5.14

cpe:2.3:a:vmware:spring_boot:1.5.14
Vmware » Spring Boot » Version: 1.5.15

cpe:2.3:a:vmware:spring_boot:1.5.15
Vmware » Spring Boot » Version: 1.5.16

cpe:2.3:a:vmware:spring_boot:1.5.16
Vmware » Spring Boot » Version: 1.5.17

cpe:2.3:a:vmware:spring_boot:1.5.17
Vmware » Spring Boot » Version: 1.5.18

cpe:2.3:a:vmware:spring_boot:1.5.18
Vmware » Spring Boot » Version: 1.5.19

cpe:2.3:a:vmware:spring_boot:1.5.19
Vmware » Spring Boot » Version: 1.5.2

cpe:2.3:a:vmware:spring_boot:1.5.2
Vmware » Spring Boot » Version: 1.5.20

cpe:2.3:a:vmware:spring_boot:1.5.20
Vmware » Spring Boot » Version: 1.5.21

cpe:2.3:a:vmware:spring_boot:1.5.21
Vmware » Spring Boot » Version: 1.5.22

cpe:2.3:a:vmware:spring_boot:1.5.22
Vmware » Spring Boot » Version: 1.5.3

cpe:2.3:a:vmware:spring_boot:1.5.3
Vmware » Spring Boot » Version: 1.5.4

cpe:2.3:a:vmware:spring_boot:1.5.4
Vmware » Spring Boot » Version: 1.5.5

cpe:2.3:a:vmware:spring_boot:1.5.5
Vmware » Spring Boot » Version: 1.5.6

cpe:2.3:a:vmware:spring_boot:1.5.6
Vmware » Spring Boot » Version: 1.5.7

cpe:2.3:a:vmware:spring_boot:1.5.7
Vmware » Spring Boot » Version: 1.5.8

cpe:2.3:a:vmware:spring_boot:1.5.8
Vmware » Spring Boot » Version: 1.5.9

cpe:2.3:a:vmware:spring_boot:1.5.9
Vmware » Spring Boot » Version: 2.0.0

cpe:2.3:a:vmware:spring_boot:2.0.0
Vmware » Spring Boot » Version: 2.0.1

cpe:2.3:a:vmware:spring_boot:2.0.1
Vmware » Spring Boot » Version: 2.0.2

cpe:2.3:a:vmware:spring_boot:2.0.2
Vmware » Spring Boot » Version: 2.0.3

cpe:2.3:a:vmware:spring_boot:2.0.3
Vmware » Spring Boot » Version: 2.0.4

cpe:2.3:a:vmware:spring_boot:2.0.4
Vmware » Spring Boot » Version: 2.0.5

cpe:2.3:a:vmware:spring_boot:2.0.5
Vmware » Spring Boot » Version: 2.0.6

cpe:2.3:a:vmware:spring_boot:2.0.6
Vmware » Spring Boot » Version: 2.0.7

cpe:2.3:a:vmware:spring_boot:2.0.7
Vmware » Spring Boot » Version: 2.0.8

cpe:2.3:a:vmware:spring_boot:2.0.8
Vmware » Spring Boot » Version: 2.0.9

cpe:2.3:a:vmware:spring_boot:2.0.9
Vmware » Spring Boot » Version: 2.1.0

cpe:2.3:a:vmware:spring_boot:2.1.0
Vmware » Spring Boot » Version: 2.1.1

cpe:2.3:a:vmware:spring_boot:2.1.1
Vmware » Spring Boot » Version: 2.1.10

cpe:2.3:a:vmware:spring_boot:2.1.10
Vmware » Spring Boot » Version: 2.1.11

cpe:2.3:a:vmware:spring_boot:2.1.11
Vmware » Spring Boot » Version: 2.1.12

cpe:2.3:a:vmware:spring_boot:2.1.12
Vmware » Spring Boot » Version: 2.1.13

cpe:2.3:a:vmware:spring_boot:2.1.13
Vmware » Spring Boot » Version: 2.1.14

cpe:2.3:a:vmware:spring_boot:2.1.14
Vmware » Spring Boot » Version: 2.1.15

cpe:2.3:a:vmware:spring_boot:2.1.15
Vmware » Spring Boot » Version: 2.1.16

cpe:2.3:a:vmware:spring_boot:2.1.16
Vmware » Spring Boot » Version: 2.1.17

cpe:2.3:a:vmware:spring_boot:2.1.17
Vmware » Spring Boot » Version: 2.1.18

cpe:2.3:a:vmware:spring_boot:2.1.18
Vmware » Spring Boot » Version: 2.1.2

cpe:2.3:a:vmware:spring_boot:2.1.2
Vmware » Spring Boot » Version: 2.1.3

cpe:2.3:a:vmware:spring_boot:2.1.3
Vmware » Spring Boot » Version: 2.1.4

cpe:2.3:a:vmware:spring_boot:2.1.4
Vmware » Spring Boot » Version: 2.1.5

cpe:2.3:a:vmware:spring_boot:2.1.5
Vmware » Spring Boot » Version: 2.1.6

cpe:2.3:a:vmware:spring_boot:2.1.6
Vmware » Spring Boot » Version: 2.1.7

cpe:2.3:a:vmware:spring_boot:2.1.7
Vmware » Spring Boot » Version: 2.1.8

cpe:2.3:a:vmware:spring_boot:2.1.8
Vmware » Spring Boot » Version: 2.1.9

cpe:2.3:a:vmware:spring_boot:2.1.9
Vmware » Spring Boot » Version: 2.2.0

cpe:2.3:a:vmware:spring_boot:2.2.0
Vmware » Spring Boot » Version: 2.2.1

cpe:2.3:a:vmware:spring_boot:2.2.1
Vmware » Spring Boot » Version: 2.2.10

cpe:2.3:a:vmware:spring_boot:2.2.10
Vmware » Spring Boot » Version: 2.2.11

cpe:2.3:a:vmware:spring_boot:2.2.11
Vmware » Spring Boot » Version: 2.2.12

cpe:2.3:a:vmware:spring_boot:2.2.12
Vmware » Spring Boot » Version: 2.2.13

cpe:2.3:a:vmware:spring_boot:2.2.13
Vmware » Spring Boot » Version: 2.2.2

cpe:2.3:a:vmware:spring_boot:2.2.2
Vmware » Spring Boot » Version: 2.2.3

cpe:2.3:a:vmware:spring_boot:2.2.3
Vmware » Spring Boot » Version: 2.2.4

cpe:2.3:a:vmware:spring_boot:2.2.4
Vmware » Spring Boot » Version: 2.2.5

cpe:2.3:a:vmware:spring_boot:2.2.5
Vmware » Spring Boot » Version: 2.2.6

cpe:2.3:a:vmware:spring_boot:2.2.6
Vmware » Spring Boot » Version: 2.2.7

cpe:2.3:a:vmware:spring_boot:2.2.7
Vmware » Spring Boot » Version: 2.2.8

cpe:2.3:a:vmware:spring_boot:2.2.8
Vmware » Spring Boot » Version: 2.2.9

cpe:2.3:a:vmware:spring_boot:2.2.9
Vmware » Spring Boot » Version: 2.3.0

cpe:2.3:a:vmware:spring_boot:2.3.0
Vmware » Spring Boot » Version: 2.3.1

cpe:2.3:a:vmware:spring_boot:2.3.1
Vmware » Spring Boot » Version: 2.3.10

cpe:2.3:a:vmware:spring_boot:2.3.10
Vmware » Spring Boot » Version: 2.3.11

cpe:2.3:a:vmware:spring_boot:2.3.11
Vmware » Spring Boot » Version: 2.3.12

cpe:2.3:a:vmware:spring_boot:2.3.12
Vmware » Spring Boot » Version: 2.3.2

cpe:2.3:a:vmware:spring_boot:2.3.2
Vmware » Spring Boot » Version: 2.3.3

cpe:2.3:a:vmware:spring_boot:2.3.3
Vmware » Spring Boot » Version: 2.3.4

cpe:2.3:a:vmware:spring_boot:2.3.4
Vmware » Spring Boot » Version: 2.3.5

cpe:2.3:a:vmware:spring_boot:2.3.5
Vmware » Spring Boot » Version: 2.3.6

cpe:2.3:a:vmware:spring_boot:2.3.6
Vmware » Spring Boot » Version: 2.3.7

cpe:2.3:a:vmware:spring_boot:2.3.7
Vmware » Spring Boot » Version: 2.3.8

cpe:2.3:a:vmware:spring_boot:2.3.8
Vmware » Spring Boot » Version: 2.3.9

cpe:2.3:a:vmware:spring_boot:2.3.9
Vmware » Spring Boot » Version: 2.4.0

cpe:2.3:a:vmware:spring_boot:2.4.0
Vmware » Spring Boot » Version: 2.4.1

cpe:2.3:a:vmware:spring_boot:2.4.1
Vmware » Spring Boot » Version: 2.4.10

cpe:2.3:a:vmware:spring_boot:2.4.10
Vmware » Spring Boot » Version: 2.4.11

cpe:2.3:a:vmware:spring_boot:2.4.11
Vmware » Spring Boot » Version: 2.4.12

cpe:2.3:a:vmware:spring_boot:2.4.12
Vmware » Spring Boot » Version: 2.4.13

cpe:2.3:a:vmware:spring_boot:2.4.13
Vmware » Spring Boot » Version: 2.4.2

cpe:2.3:a:vmware:spring_boot:2.4.2
Vmware » Spring Boot » Version: 2.4.3

cpe:2.3:a:vmware:spring_boot:2.4.3
Vmware » Spring Boot » Version: 2.4.4

cpe:2.3:a:vmware:spring_boot:2.4.4
Vmware » Spring Boot » Version: 2.4.5

cpe:2.3:a:vmware:spring_boot:2.4.5
Vmware » Spring Boot » Version: 2.4.6

cpe:2.3:a:vmware:spring_boot:2.4.6
Vmware » Spring Boot » Version: 2.4.7

cpe:2.3:a:vmware:spring_boot:2.4.7
Vmware » Spring Boot » Version: 2.4.8

cpe:2.3:a:vmware:spring_boot:2.4.8
Vmware » Spring Boot » Version: 2.4.9

cpe:2.3:a:vmware:spring_boot:2.4.9
Vmware » Spring Boot » Version: 2.5.0

cpe:2.3:a:vmware:spring_boot:2.5.0
Vmware » Spring Boot » Version: 2.5.1

cpe:2.3:a:vmware:spring_boot:2.5.1
Vmware » Spring Boot » Version: 2.5.10

cpe:2.3:a:vmware:spring_boot:2.5.10
Vmware » Spring Boot » Version: 2.5.11

cpe:2.3:a:vmware:spring_boot:2.5.11
Vmware » Spring Boot » Version: 2.5.12

cpe:2.3:a:vmware:spring_boot:2.5.12
Vmware » Spring Boot » Version: 2.5.13

cpe:2.3:a:vmware:spring_boot:2.5.13
Vmware » Spring Boot » Version: 2.5.14

cpe:2.3:a:vmware:spring_boot:2.5.14
Vmware » Spring Boot » Version: 2.5.15

cpe:2.3:a:vmware:spring_boot:2.5.15
Vmware » Spring Boot » Version: 2.5.2

cpe:2.3:a:vmware:spring_boot:2.5.2
Vmware » Spring Boot » Version: 2.5.3

cpe:2.3:a:vmware:spring_boot:2.5.3
Vmware » Spring Boot » Version: 2.5.4

cpe:2.3:a:vmware:spring_boot:2.5.4
Vmware » Spring Boot » Version: 2.5.5

cpe:2.3:a:vmware:spring_boot:2.5.5
Vmware » Spring Boot » Version: 2.5.6

cpe:2.3:a:vmware:spring_boot:2.5.6
Vmware » Spring Boot » Version: 2.5.7

cpe:2.3:a:vmware:spring_boot:2.5.7
Vmware » Spring Boot » Version: 2.5.8

cpe:2.3:a:vmware:spring_boot:2.5.8
Vmware » Spring Boot » Version: 2.5.9

cpe:2.3:a:vmware:spring_boot:2.5.9
Vmware » Spring Boot » Version: 2.6.0

cpe:2.3:a:vmware:spring_boot:2.6.0
Vmware » Spring Boot » Version: 2.6.1

cpe:2.3:a:vmware:spring_boot:2.6.1
Vmware » Spring Boot » Version: 2.6.10

cpe:2.3:a:vmware:spring_boot:2.6.10
Vmware » Spring Boot » Version: 2.6.11

cpe:2.3:a:vmware:spring_boot:2.6.11
Vmware » Spring Boot » Version: 2.6.12

cpe:2.3:a:vmware:spring_boot:2.6.12
Vmware » Spring Boot » Version: 2.6.13

cpe:2.3:a:vmware:spring_boot:2.6.13
Vmware » Spring Boot » Version: 2.6.14

cpe:2.3:a:vmware:spring_boot:2.6.14
Vmware » Spring Boot » Version: 2.6.15

cpe:2.3:a:vmware:spring_boot:2.6.15
Vmware » Spring Boot » Version: 2.6.2

cpe:2.3:a:vmware:spring_boot:2.6.2
Vmware » Spring Boot » Version: 2.6.3

cpe:2.3:a:vmware:spring_boot:2.6.3
Vmware » Spring Boot » Version: 2.6.4

cpe:2.3:a:vmware:spring_boot:2.6.4
Vmware » Spring Boot » Version: 2.6.5

cpe:2.3:a:vmware:spring_boot:2.6.5
Vmware » Spring Boot » Version: 2.6.6

cpe:2.3:a:vmware:spring_boot:2.6.6
Vmware » Spring Boot » Version: 2.6.7

cpe:2.3:a:vmware:spring_boot:2.6.7
Vmware » Spring Boot » Version: 2.6.8

cpe:2.3:a:vmware:spring_boot:2.6.8
Vmware » Spring Boot » Version: 2.6.9

cpe:2.3:a:vmware:spring_boot:2.6.9
Vmware » Spring Boot » Version: 2.7.0

cpe:2.3:a:vmware:spring_boot:2.7.0
Vmware » Spring Boot » Version: 2.7.1

cpe:2.3:a:vmware:spring_boot:2.7.1
Vmware » Spring Boot » Version: 2.7.10

cpe:2.3:a:vmware:spring_boot:2.7.10
Vmware » Spring Boot » Version: 2.7.11

cpe:2.3:a:vmware:spring_boot:2.7.11
Vmware » Spring Boot » Version: 2.7.12

cpe:2.3:a:vmware:spring_boot:2.7.12
Vmware » Spring Boot » Version: 2.7.13

cpe:2.3:a:vmware:spring_boot:2.7.13
Vmware » Spring Boot » Version: 2.7.14

cpe:2.3:a:vmware:spring_boot:2.7.14
Vmware » Spring Boot » Version: 2.7.2

cpe:2.3:a:vmware:spring_boot:2.7.2
Vmware » Spring Boot » Version: 2.7.3

cpe:2.3:a:vmware:spring_boot:2.7.3
Vmware » Spring Boot » Version: 2.7.4

cpe:2.3:a:vmware:spring_boot:2.7.4
Vmware » Spring Boot » Version: 2.7.5

cpe:2.3:a:vmware:spring_boot:2.7.5
Vmware » Spring Boot » Version: 2.7.6

cpe:2.3:a:vmware:spring_boot:2.7.6
Vmware » Spring Boot » Version: 2.7.7

cpe:2.3:a:vmware:spring_boot:2.7.7
Vmware » Spring Boot » Version: 2.7.8

cpe:2.3:a:vmware:spring_boot:2.7.8
Vmware » Spring Boot » Version: 2.7.9

cpe:2.3:a:vmware:spring_boot:2.7.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-22733

Products

Pricing

Contact Us