- Last update: 20/03/2026
- Affected software:
→ Spring Security 5.7.0 through 7.0.3
- Type: Multiple types of client-side attacks
- CVE/CVSS
→ CVE-2026-22732: CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
https://spring.io/security/cve-2026-22732
A newly discovered vulnerability in Spring Security allows attackers to bypass HTTP security headers in servlet applications, potentially exposing sensitive data and leaving web applications defenseless against a wide range of client-side attacks.
Spring Security is a widely adopted authentication and access control framework used by organizations worldwide to secure Java-based web applications, REST APIs, and microservices against unauthorized access, session hijacking, and malicious web attacks.
If exploited, this could lead to data breaches, system compromise, and operational downtime, impacting the confidentiality, integrity, and availability of critical businesses.
A critical security vulnerability, CVE-2026-22732, has been identified in Spring Security versions 5.7.0 through 7.0.3, where HTTP response headers for servlet applications may not be written under certain conditions, potentially exposing applications to various attacks including sensitive data disclosure via caching mechanisms. Users of affected versions should upgrade immediately to the corresponding fixed release: 5.7.22, 5.8.24, 6.3.15, 6.4.15 (Enterprise Support), or 6.5.9 and 7.0.4 (OSS). Older, unsupported versions may also be affected and should be migrated to a supported release as a priority.
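To triage a build against the fixed releases listed above, here is an added Python example; it is not part of the CCB advisory or of Spring Security. The `mvn dependency:list` line format it parses is assumed, and the sample output is constructed.

```python
"""Triage Spring Security versions against the CVE-2026-22732 fix list."""
import re

# Fixed releases per branch, as listed in the advisory.
FIXED = {
    (5, 7): (5, 7, 22),
    (5, 8): (5, 8, 24),
    (6, 3): (6, 3, 15),
    (6, 4): (6, 4, 15),
    (6, 5): (6, 5, 9),
    (7, 0): (7, 0, 4),
}
AFFECTED_MIN = (5, 7, 0)   # advisory: 5.7.0 through 7.0.3 are affected
AFFECTED_MAX = (7, 0, 3)


def parse_version(text):
    """Turn '6.4.3' or '6.4.3-SNAPSHOT' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(x) for x in m.groups())


def assess(version):
    """Classify a version as 'fixed', 'affected', or 'unsupported'."""
    v = parse_version(version)
    fixed = FIXED.get(v[:2])
    if fixed is not None:
        return "fixed" if v >= fixed else "affected"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        # e.g. 6.0.x-6.2.x: inside the affected range but with no fixed
        # release; the advisory says to migrate these to a supported branch.
        return "affected"
    if v < AFFECTED_MIN:
        # Older, unsupported versions "may also be affected" per the advisory.
        return "unsupported"
    return "fixed"


# Matches `mvn dependency:list` lines (format assumed, not from the advisory).
DEP_RE = re.compile(r"org\.springframework\.security:(spring-security-[\w-]+):jar:([^:\s]+)")


def triage_dependency_list(output):
    """Return {artifact: verdict} for every Spring Security artifact in the output."""
    return {art: assess(ver) for art, ver in DEP_RE.findall(output)}


# Constructed sample output, not from a real build.
SAMPLE = """\
[INFO]    org.springframework.security:spring-security-core:jar:6.4.3:compile
[INFO]    org.springframework.security:spring-security-web:jar:6.4.3:compile
[INFO]    org.springframework:spring-web:jar:6.2.1:compile
"""

if __name__ == "__main__":
    for artifact, verdict in triage_dependency_list(SAMPLE).items():
        print(f"{artifact}: {verdict}")
```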
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity and ensure a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via https://ccb.belgium.be/en/cert/report-incident.
While patching appliances or software to the newest version may protect against future exploitation, it does not remediate historic compromise.