CVE-2026-22740
mediumCVSS v3 Base Score
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 84% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Published: April 29, 2026 (72 days ago)
Last Modified: April 29, 2026
Vendor: Red Hat
Source: REDHAT
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in Spring WebFlux, a component of the Spring Framework. A remote attacker can exploit this vulnerability by sending specially crafted multipart requests to a WebFlux server application. When processing these requests, the server creates temporary files that, under certain conditions, are not properly deleted. This can lead to an accumulation of temporary files, consuming available disk space and potentially causing a Denial of Service (DoS) for the affected system.
CWE
CWE-459Affected Products
Red Hat build of Apache Camel - HawtIO 4Red Hat Fuse 7Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform Expansion Pack