CVE-2026-22726
Route Service Misconfiguration Allows Internal Network Access

Publication date: 2026-05-01

Last updated on: 2026-05-04

Assigner: VMware

Description
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloud Foundry could configure a route service that would allow it to send requests to HTTP services on internal networks reachable by the Gorouter, which may not have previously had direct access from outside networks or from the application.

Affected versions:
  • Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater.
  • CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing_release v0.372.0).
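As an added illustration from the defender's side (not code from the advisory or the Cloud Foundry project): a Python audit that walks service-instance records and flags route-service URLs whose target sits in internal address space, which is the exposure the description warns about. The `resources` / `route_service_url` field names follow the CF API v3 service-instance listing as I understand it and are an assumption; the sample records and the stand-in resolver are constructed.

```python
"""Flag route services whose URL points the Gorouter at internal address space."""
import ipaddress
import json
from urllib.parse import urlsplit

# Private, loopback, link-local (incl. cloud metadata) and ULA ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]


def is_internal_target(url, resolve=lambda host: []):
    """True if the route-service URL targets an internal address.

    `resolve` maps a hostname to a list of IP strings; it is injected so the
    check runs offline here and can be a real DNS lookup in production.
    An unparsable URL is treated as suspicious; an unresolvable name is not
    flagged (no evidence either way)."""
    host = urlsplit(url).hostname
    if host is None:
        return True
    try:
        addrs = [ipaddress.ip_address(host)]          # IP literal in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    return any(a in net for a in addrs for net in INTERNAL_NETS)


def audit_route_services(instances, resolve=lambda host: []):
    """Return (name, url) for every service instance whose route_service_url
    targets internal space. `instances` is a CF API v3 listing (assumed shape)."""
    findings = []
    for inst in instances.get("resources", []):
        url = inst.get("route_service_url")
        if url and is_internal_target(url, resolve):
            findings.append((inst.get("name"), url))
    return findings


# Constructed sample listing: one legitimate external route service, one IP
# literal inside RFC 1918 space, one name that resolves to a metadata address.
SAMPLE = json.loads("""{"resources": [
  {"name": "auth-proxy", "route_service_url": "https://auth-proxy.apps.example.com"},
  {"name": "pivot", "route_service_url": "https://10.20.30.40:8443/"},
  {"name": "meta", "route_service_url": "https://metadata.corp.internal/"}]}""")
FAKE_DNS = {"auth-proxy.apps.example.com": ["203.0.113.10"],
            "metadata.corp.internal": ["169.254.169.254"]}  # constructed resolver

if __name__ == "__main__":
    for name, url in audit_route_services(SAMPLE, lambda h: FAKE_DNS.get(h, [])):
        print(f"FLAG {name}: {url}")
```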
Meta Information
Generated: 2026-06-16
AI Q&A: 2026-05-01
EPSS Evaluated: 2026-06-14
Affected Vendors & Products (2 associated CPEs)

Vendor        Product          Version / Range
cloudfoundry  cf-deployment    From 0.0.2 (inc) to 55.0.0 (exc)
cloudfoundry  routing_release  From 0.118.0 (inc) to 0.372.0 (exc)
CWE
CWE-923: The product establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.
Executive Summary

CVE-2026-22726 is a medium-severity vulnerability in Cloud Foundry's Route Services that allows a malicious developer with access to configure route services to bypass egress rules.

This means the attacker can redirect application traffic to internal HTTP services on networks reachable by the Gorouter that were not previously accessible from outside networks or the application itself.

Essentially, it enables firewall bypass by sending app traffic to destinations outside the app's configured egress rules.

Impact Analysis

This vulnerability can expose internal network services that were previously protected from external access.

A malicious developer could exploit this to access or interact with internal HTTP services, potentially leading to unauthorized access or disruption.

While it does not directly impact confidentiality or integrity, it can cause availability issues and increase the attack surface by bypassing firewall and egress restrictions.

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to upgrade affected components to patched versions.

  • Upgrade the Routing release to version 0.372.0 or later.
  • Upgrade the Cloud Foundry Deployment to version 55.0.0 or later, which includes the patched routing_release 0.372.0.
Compliance Impact

This vulnerability allows malicious developers to bypass egress rules and send application traffic to internal HTTP services that were not previously exposed to external networks or the application itself.

Such unauthorized access to internal services could potentially lead to exposure of sensitive data or systems, which may impact compliance with standards and regulations like GDPR or HIPAA that require strict controls on data access and network security.

However, the provided information does not explicitly detail the direct impact on compliance frameworks.
