Spring Boot has an Authentication Bypass under Actuator CloudFoundry endpoints

🗓️ 20 Mar 2026 00:31:28Reported by GitHub Advisory DatabaseType

Spring Boot Actuator CloudFoundry endpoints may allow authentication bypass for protected endpoints.

Reporter	Title	Published	Views	Family All 36
IBM Security Bulletins	Security Bulletin: DevOps Test Performance contains a vulnerability due to use of Spring Boot	20 Apr 202614:26	–	ibm
IBM Security Bulletins	Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring	31 Mar 202616:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions	31 Mar 202612:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring	28 May 202613:24	–	ibm
IBM Security Bulletins	Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring	31 Mar 202616:56	–	ibm
IBM Security Bulletins	Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring	31 Mar 202616:54	–	ibm
IBM Security Bulletins	Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.	27 Apr 202607:43	–	ibm
ATTACKERKB	CVE-2026-22731	19 Mar 202622:36	–	attackerkb
ATTACKERKB	CVE-2026-22733	19 Mar 202623:29	–	attackerkb
Chainguard	CVE-2026-22733 vulnerabilities	1 Apr 202619:17	–	cgr