System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22234.json
epss	0.00022	https://api.first.org/data/v1/epss?cve=CVE-2025-22234
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2025-22234
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-vqxh-445g-37fc
cvssv3.1	5.3	https://github.com/spring-projects/spring-security
generic_textual	MODERATE	https://github.com/spring-projects/spring-security
cvssv3.1	5.3	https://nvd.nist.gov/vuln/detail/CVE-2025-22234
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-22234
cvssv3.1	5.3	https://spring.io/security/cve-2025-22234
generic_textual	MODERATE	https://spring.io/security/cve-2025-22234
cvssv3.1	5.3	https://spring.io/security/cve-2025-22234/
ssvc	Track	https://spring.io/security/cve-2025-22234/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22234.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-22234
		https://github.com/spring-projects/spring-security
2432173		https://bugzilla.redhat.com/show_bug.cgi?id=2432173
cve-2025-22234		https://spring.io/security/cve-2025-22234/
CVE-2025-22234		https://nvd.nist.gov/vuln/detail/CVE-2025-22234
CVE-2025-22234		https://spring.io/security/cve-2025-22234
GHSA-vqxh-445g-37fc		https://github.com/advisories/GHSA-vqxh-445g-37fc

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22234.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/spring-projects/spring-security

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2025-22234

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://spring.io/security/cve-2025-22234

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://spring.io/security/cve-2025-22234/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-22T21:27:06Z/ Found at https://spring.io/security/cve-2025-22234/

---

Percentile	0.06347
EPSS Score	0.00022
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:17:17.068420+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2025/22xxx/CVE-2025-22234.json	38.6.0