EUVD-2026-12667
CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information.
Analysis
Cloud Foundry CAPI Release contains unprotected internal endpoints that allow attackers who have bypassed perimeter firewall controls to replace application droplets and access sensitive application data. The vulnerability affects Cloud Foundry CAPI Release version 1.226.0 and earlier, and CF Deployment version 54.9.0 and earlier across all platforms. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit firewall rules and network segmentation to identify and restrict unauthorized access to Cloud Foundry internal endpoints; verify current CF Deployment and Capi Release versions across all environments. Within 7 days: Implement enhanced monitoring and logging on internal Cloud Foundry endpoints; conduct threat assessment to identify critical applications at highest risk of compromise. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today