VibeSec
Critical (9.8): Extreme danger

Spring Framework RCE (Spring4Shell)

CVE-2022-22965 | CVSS 9.8 | EPSS 1.00

Critical impact. If this is found on your site, treat it as urgent. It can lead to real damage and is worth fixing before anything else.

What it is

Remote code execution in Spring MVC and Spring WebFlux applications running on JDK 9 or later. Spring's data binder lets request parameters set nested properties of a bound object; on JDK 9+ the property path class.module.classLoader (Object.getClass() to Class.getModule() to Module.getClassLoader()) reaches the class loader and, through it, container internals such as Tomcat's access-log valve. Affected: Spring Framework 5.3.0 to 5.3.17, 5.2.0 to 5.2.19 and older unsupported versions; fixed in 5.3.18 and 5.2.20 (Spring Boot 2.6.6 and 2.5.12). The widely circulated exploit needs a WAR deployed on Tomcat with spring-webmvc or spring-webflux, but Spring's advisory notes the underlying flaw is more general, so JAR-packaged and non-Tomcat deployments should still be patched.

How attackers abuse it

Spring4Shell is a specific, publicly known vulnerability with a public proof of concept. Once disclosed, automated tools scan the whole internet for exposed Spring endpoints and exploit affected versions within hours, with no targeting required; a vulnerable application that is reachable from the internet should be assumed to have received exploit attempts.

Attacker playbook

  1. Scan broadly for the software and version this CVE affects.
  2. Fire the public exploit or proof-of-concept at every match.
  3. Use the foothold (often code execution) to take over and spread. In the public Spring4Shell proof of concept the foothold is a JSP web shell written into the web root by redirecting Tomcat's access-log valve.

How VibeSec detects and confirms it

VibeSec detects CVE-2022-22965 with Nuclei, which probes for the affected software and version during a scan. Because this is a named, published vulnerability, a match is reported as confirmed rather than as a heuristic guess.


If this is in your report: how to fix it

  • Update Spring Framework to 5.3.18 or 5.2.20 or later (Spring Boot 2.6.6 or 2.5.12 or later) now; this is an actively exploited class of issue.
  • If you cannot patch immediately, apply the vendor's documented mitigation: a global @ControllerAdvice with an @InitBinder that calls setDisallowedFields("class.*", "Class.*", "*.class.*", "*.Class.*"). Upgrading Tomcat to 10.0.20, 9.0.62 or 8.5.78 also closes the class-loader path the public exploit uses, but it is defence in depth, not a replacement for the Spring fix.
  • Check logs for signs of exploitation, since these are scanned constantly: request parameters containing class.module.classLoader, unexpected .jsp files in the web root, and access-log valve settings (pattern, suffix, directory, prefix) that have changed.
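A small log check for the indicator named in the last point, as an added example that is not code from this page or from Nuclei. It assumes Java 11 or later and Tomcat "common" access-log lines; the three sample lines are constructed for the example, not real traffic:

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

public class Spring4ShellLogCheck {

    // Property paths the public proof of concept binds through the class loader to reconfigure
    // Tomcat's AccessLogValve (pattern/suffix/directory/prefix/fileDateFormat) so the access log
    // itself becomes a JSP in the web root. Matched case-insensitively after URL decoding.
    private static final Pattern INDICATOR = Pattern.compile(
            "class\\.module\\.classloader"
            + "|classloader\\.resources\\.context\\.parent\\.pipeline"
            + "|pipeline\\.first\\.(pattern|suffix|directory|prefix|filedateformat)",
            Pattern.CASE_INSENSITIVE);

    // Percent-decode up to twice so "class%2Emodule" and double-encoded variants still match.
    // A malformed escape (for example the "%{c2}i" valve pattern the PoC writes) stops further
    // decoding instead of discarding the line.
    static String decode(String s) {
        String out = s;
        for (int i = 0; i < 2; i++) {
            try {
                String next = URLDecoder.decode(out, StandardCharsets.UTF_8);
                if (next.equals(out)) {
                    break;
                }
                out = next;
            } catch (IllegalArgumentException e) {
                break;
            }
        }
        return out;
    }

    static boolean isSuspicious(String logLine) {
        return INDICATOR.matcher(decode(logLine)).find();
    }

    static List<String> findSuspicious(List<String> lines) {
        List<String> hits = new ArrayList<>();
        for (String line : lines) {
            if (isSuspicious(line)) {
                hits.add(line);
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample: a benign request, a plain exploit attempt, and a percent-encoded one.
        List<String> sample = List.of(
            "10.0.0.5 - - [31/Mar/2022:10:12:01 +0000] \"GET /greet?name=alice HTTP/1.1\" 200 12",
            "198.51.100.7 - - [31/Mar/2022:10:12:03 +0000] \"POST /greet?class.module.classLoader"
                + ".resources.context.parent.pipeline.first.pattern=%25%7Bc2%7Di HTTP/1.1\" 200 12",
            "198.51.100.7 - - [31/Mar/2022:10:12:04 +0000] \"POST /greet?class%2Emodule%2EclassLoader"
                + "%2Eresources%2Econtext%2Eparent%2Epipeline%2Efirst%2Esuffix=.jsp HTTP/1.1\" 200 12");

        List<String> hits = findSuspicious(sample);
        System.out.println(hits.size() + " suspicious line(s) out of " + sample.size());
        hits.forEach(System.out::println);
    }
}
```

A standard access log records only the request line, so parameters sent in a POST body (which is how the common proof of concept sends them) never appear in it; a clean access log is therefore not proof of no exploitation. Pair this with a check for new .jsp files under the Tomcat web root and for access-log files whose suffix or directory no longer match server.xml, and with request-body logging from a WAF or reverse proxy where you have it.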

Check your site for this

Run a scan and see whether this affects you, in plain language with copy-paste fixes.

Scan your site for free