CVE-2026-22739 Spring — Exploit & Vulnerability Details HIGH

CVE-2026-22739

HIGH CVSS 3.1: 8.6 EPSS 11.3%

Parameter	Value
CVSS	8.6 (HIGH)
Affected Versions	before 3.1.13
Type	CWE-22 (Path Traversal)
Vendor	Spring
Public PoC	No

Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible to access files outside of the configured search directories.This issue affects Spring Cloud: from 3.1.X before 3.1.13, from 4.1.X before 4.1.9, from 4.2.X before 4.2.3, from 4.3.X before 4.3.2, from 5.0.X before 5.0.2.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

Low

Partial data modification

Availability

Low

Partial disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-22 Path Traversal

References 1

https://spring.io/security/cve-2026-22739

security@vmware.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-22750

Spring

7.5

CVE-2026-22743

Spring

7.5

CVE-2026-22742

Spring

8.6

CVE-2026-22738

Spring

9.8

CVE-2026-22735

Spring

2.6

Menu

CVE-2026-22739

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22750

CVE-2026-22743

CVE-2026-22742

CVE-2026-22738

CVE-2026-22735

CVE Details

Editor's Choice

Menu

CVE-2026-22739

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-22750

CVE-2026-22743

CVE-2026-22742

CVE-2026-22738

CVE-2026-22735

CVE Details

Editor's Choice

Stay informed on cybersecurity