CVE-2026-22726: Route Services Firewall Bypass

Published Apr 30, 2026

Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloud Foundry could configure a route service that would allow them to send requests to HTTP services on internal networks reachable by the Gorouter, services that may not previously have been directly accessible from outside networks or from the application.

Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater.
CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing-release v0.372.0).

Affected Software

4 affected components
Cloud Foundry routing-release: >=0.118.0, <=0.371.0
Cloud Foundry cf-deployment: >=0.0.2, <=54.14.0
Cloudfoundry Cf-deployment: >=0.0.2, <55.0.0
Cloudfoundry Routing release: >=0.118.0, <0.372.0
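A version check for the ranges listed above, as an added example that is not part of the original advisory or of any Cloud Foundry tooling. The function names and the sample inventory are hypothetical; the check uses the "below first fixed version" form of the range, so a build numbered between the last listed affected version and the fix is assumed to be affected.

```python
import re

# Ranges as listed on this page: (first affected version, first fixed version).
AFFECTED = {
    "routing-release": ((0, 118, 0), (0, 372, 0)),
    "cf-deployment": ((0, 0, 2), (55, 0, 0)),
}

def parse_version(text):
    """Turn 'v0.371.0' or '54.14' into a comparable (major, minor, patch) tuple."""
    match = re.fullmatch(r"v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    if not match:
        # Refuse anything unexpected rather than guess at its ordering.
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part or 0) for part in match.groups())

def is_affected(component, version):
    """True when the version lies in [first affected, first fixed)."""
    first_affected, first_fixed = AFFECTED[component]
    return first_affected <= parse_version(version) < first_fixed

def audit(inventory):
    """Map each (component, version) pair to 'affected' or 'ok'."""
    return {
        (component, version): "affected" if is_affected(component, version) else "ok"
        for component, version in inventory
    }

if __name__ == "__main__":
    # Constructed inventory for illustration, not taken from a real foundation.
    sample = [
        ("routing-release", "0.371.0"),
        ("routing-release", "v0.372.0"),
        ("cf-deployment", "v54.14.0"),
        ("cf-deployment", "v55.0.0"),
    ]
    for (component, version), status in audit(sample).items():
        print(f"{component} {version}: {status}")
```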

Event History

Apr 30, 2026
CVE Published via MITRE · 11:17 PM
Data Sourced via MITRE · 11:17 PM (Description, Severity, Weakness)

May 1, 2026
Data Sourced via NVD · 12:16 AM (Description, Severity, Weakness, Affected Software)

Frequently Asked Questions

1. What is the severity of CVE-2026-22726?

CVE-2026-22726 is considered a high-severity vulnerability due to its potential for bypassing egress rules.

2. How do I fix CVE-2026-22726?

To fix CVE-2026-22726, ensure that your Cloud Foundry routing-release and cf-deployment versions are updated to the fixed releases: routing-release v0.372.0 or greater, and cf-deployment v55.0.0 or greater.

3. What are the affected versions for CVE-2026-22726?

CVE-2026-22726 affects Cloud Foundry routing-release versions 0.118.0 through 0.371.0 (inclusive), and cf-deployment versions 0.0.2 through 54.14.0 (inclusive).

4. What impact does CVE-2026-22726 have on applications?

CVE-2026-22726 allows unauthorized routing of app traffic to destinations outside the app's configured egress rules, which can lead to data exfiltration or other malicious activities.

5. Who can exploit CVE-2026-22726?

CVE-2026-22726 can be exploited by a malicious developer with access to the Cloud Foundry environment.
