CVE-2026-22731
Received Received - Intake

Authentication Bypass in Spring Boot Actuator Health Group Endpoints

Vulnerability report for CVE-2026-22731, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-19

Last updated on: 2026-04-16

Assigner: VMware

Description

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path, already configured for a Health Group additional path. This issue affects Spring Boot: from 4.0 before 4.0.3, from 3.5 before 3.5.11, from 3.4 before 3.4.15. This CVE is similar but not equivalent to CVE-2026-22733, as the conditions for exploit and vulnerable versions are different.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-19
Last Modified
2026-04-16
Generated
2026-07-06
AI Q&A
2026-03-20
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
vmware spring_boot From 3.4.0 (inc) to 3.4.15 (exc)
vmware spring_boot From 3.5.0 (inc) to 3.5.12 (exc)
vmware spring_boot From 4.0.0 (inc) to 4.0.4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-288 The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects Spring Boot applications that use the Actuator module. It is an authentication bypass issue that occurs when an application endpoint requiring authentication is declared under a specific path that is already configured as a Health Group additional path. This misconfiguration allows unauthorized users to bypass authentication controls.

Impact Analysis

The vulnerability can allow attackers to access endpoints that should be protected by authentication without proper credentials. This can lead to unauthorized access to sensitive application information or functionality, potentially compromising confidentiality and integrity.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22731. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart