CVE-2026-22746 | Vmware Spring Security up to 7.0.4 DaoAuthenticationProvider UserDetails information disclosure

Inserito da Angelo Barbosa | Apr 22, 2026 | CVE

A vulnerability classified as problematic has been found in Vmware Spring Security up to 7.0.4. Affected by this issue is some unknown functionality of the component DaoAuthenticationProvider. This manipulation of the argument UserDetails causes information disclosure.

This vulnerability is tracked as CVE-2026-22746. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-22746 | Vmware Spring Security up to 7.0.4 DaoAuthenticationProvider UserDetails information disclosure

Post correlati

CVE-2024-29008 | Apache CloudStack up to 4.18.1.0/4.19.0.0 extraconfig access control

CVE-2025-1447 | kasuganosoras Pigeon 1.0.177 index.php url server-side request forgery

CVE-2025-9994 | Amped RF BT-AP 111 HTTP Admin Interface missing authentication

CVE-2025-0428 | AI Power Plugin up to 1.8.96 on WordPress wpaicg_export_prompts code injection