CVE-2026-22726
CVE-2026-22726 is a medium-severity vulnerability in Cloudfoundry Cf-deployment with a CVSS 3.x base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-923.
Key facts
- Severity: Medium (CVSS 3.x base score 5.0)
- EPSS exploit prediction: 0% (10th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-26458
- Weakness: CWE-923
- Affected product: Cloudfoundry Cf-deployment
- Published:
- Last modified:
Description
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks reachable by the Gorouter, which may not have previously had direct access from outside networks, or from the application. Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater. CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing_release v0.372.0).
Frequently asked questions
- What is CVE-2026-22726?
- Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks reachable by the Gorouter, which may not have previously had direct access from outside networks, or from the application. Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater. CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing_release v0.372.0).
- How severe is CVE-2026-22726?
- CVE-2026-22726 has a CVSS 3.x base score of 5.0, rated medium severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability low.
- Is CVE-2026-22726 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (10th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2026-22726?
- CVE-2026-22726 primarily affects Cloudfoundry Cf-deployment. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2026-22726?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2026-22726 have an EU (EUVD) identifier?
- Yes. CVE-2026-22726 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-26458.
- When was CVE-2026-22726 published?
- CVE-2026-22726 was published on 2026-05-01 and last updated on 2026-06-17.
References
Affected products (2)
- cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*
- cpe:2.3:a:cloudfoundry:routing_release:*:*:*:*:*:*:*:*
More vulnerabilities in Cloudfoundry Cf-deployment
- CVE-2019-3801 — Critical (CVSS 9.8): Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure protocol to…
- CVE-2022-31733 — Critical (CVSS 9.1): Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are…
- CVE-2020-5417 — High (CVSS 8.8): Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where an app domain is also…
- CVE-2020-5402 — High (CVSS 8.8): In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not…
- CVE-2019-11283 — High (CVSS 8.8): Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote…
- CVE-2018-1191 — High (CVSS 8.8): Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access…
All CVEs affecting Cloudfoundry Cf-deployment →
Other CWE-923 vulnerabilities
- CVE-2019-17440 — Critical (CVSS 10.0): Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation…
- CVE-2024-41889 — Critical (CVSS 9.8): Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited,…
- CVE-2026-34205 — Critical (CVSS 9.6): Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps…
- CVE-2023-28078 — Critical (CVSS 9.1): Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A…
- CVE-2025-61939 — High (CVSS 8.8): An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual…
- CVE-2025-20261 — High (CVSS 8.8): A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC) for Cisco UCS B-Series,…