CVE-2026-22747

Summary

Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. This issue affects Spring Security: from 7.0.0 through 7.0.4.

Affected Software

VendorProductVersion RangeStatus
SpringSpring Security7.0.0 <= 7.0.4affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

Spring Security: Spring Security: User impersonation via malformed X.509 certificate Common Name (CN) values

Additional References

References