CVE-2026-22726
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloud Foundry could configure a route service that would allow it to send requests to HTTP services on internal networks...
CVE-2026-22734
Cloud Foundry UAA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...
EUVD-2026-33817
Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where Elliptic Curve (EC) private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...
CVE-2026-40965
Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where Elliptic Curve (EC) private keys are inadvertently exposed through the public /tokenkeys endpoint. This endpoint is designed to provide public key material for JW...
CVE-2026-40964
Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and platform component via minting a JWT that the cf-auth-proxy accepts as a valid logs.admin token...
Cloud Foundry UAA security vulnerabilities
Cloud Foundry UAA is an identity verification and management service designed for the Cloud Foundry platform by the Cloud Foundry Foundation in the United States. There is a security vulnerability in Cloud Foundry UAA, which stems from the exposure of private keys. This vulnerability may...
PT-2026-45616
Name of the Vulnerable Software and Affected Versions: Cloud Foundry UAA versions v76.12.0 through v78.12.0; CF Deployment versions v30.0.0 through v56.0.0. Description: Private key exposure occurs when the server inadvertently reveals Elliptic Curve (EC) private keys through the public '/tokenkeys'...
EUVD-2026-26458
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloud Foundry could configure a route service that would allow it to send requests to HTTP services on internal networks...
CVE-2026-22727
CVE-2026-22727 affects Cloud Foundry components where unprotected internal endpoints in CAPI Release 1.226.0 and below and CF Deployment v54.9.0 and below allow users who have reached the internal network to potentially replace droplets and access secure app information. The issue centers on exposed internal...
GHSA-6WCW-R64P-QRRW Cloud Foundry UAA has a logic error in the token revocation endpoint implementation
Inappropriate user token revocation due to a logic error in the token revocation endpoint implementation in Cloud Foundry UAA v77.30.0 to v78.7.0 and in Cloud Foundry Deployment v48.7.0 to v54.10.0...
CVE-2024-22279
Improper handling of requests in Routing Release >= v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale...
CVE-2024-22279 GoRouter Denial of Service Attack
Improper handling of requests in Routing Release >= v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale...
CVE-2024-22279
CVE-2024-22279 affects Cloud Foundry routing (GoRouter). The issue is an improper handling of requests in Routing Release versions v0.273.0 up to and including v0.297.0, allowing an unauthenticated attacker to degrade service availability at scale (DoS). Affected products: Routing Release and CF ...
Cloud Foundry CAPI trust management vulnerability
Cloud Foundry CAPI is a cloud controller from the Cloud Foundry Foundation in the United States. A security vulnerability exists in Cloud Foundry CAPI versions 1.140 through 1.152.0, Loggregator-agent v7+, and CF Deployment versions 24.7.0 through 29.0.0, which originates in Cloud foundry instanc...
Cloud Foundry Foundation uaa-release, uaa and cf-deployment elevation of privilege vulnerabilities
Cloud Foundry Foundation cf-deployment is a suite of open source Platform-as-a-Service (PaaS) cloud computing platforms that provide container scheduling, continuous delivery, and automated service deployment. uaa-release and uaa are both different versions of CF's authentication and managed servic...
Cloud Controller, cf-deployment and cf-release authentication vulnerabilities
Cloud Foundry is an open source Platform-as-a-Service (PaaS) cloud computing platform from the Cloud Foundry Foundation in the United States, which provides container scheduling, continuous delivery, and automated service deployment, among other features. cf-release is a release version of CF...
Pivotal Cloud Foundry cf-deployment and routing-release denial of service vulnerabilities
Pivotal Cloud Foundry (CF) is a suite of open source Platform-as-a-Service (PaaS) cloud computing platforms from Pivotal Software in the United States, which provides container scheduling, continuous delivery, and automated service deployment, among other things. cf-deployment is its development...