CVE-2026-22750

HIGH

SSL bundle configuration silently bypassed in Spring Cloud Gateway

Title source: cna

Description

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud Gateway 4.2.0 and are not an enterprise customer, you can upgrade to any Spring Cloud Gateway 4.2.x release newer than 4.2.0 available on Maven Centeral https://repo1.maven.org/maven2/org/springframework/cloud/spring-cloud-gateway/ . Ideally if you are not an enterprise customer, you should be upgrading to 5.0.2 or 5.1.1 which are the current supported open source releases.

References (1)

https://spring.io/security/cve-2026-22750

Scores

CVSS v3 7.5

EPSS 0.0004

EPSS Percentile 13.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-15

Status published

Products (2)

org.springframework.cloud/spring-cloud-gateway 0 - 4.2.1Maven

VMware/Spring Cloud Gateway 4.2.0 - 4.2.1

Published Apr 10, 2026

Tracked Since Apr 10, 2026