Authentication Bypass in cf-auth-proxy for Cloud Foundry Foundation
CVE-2026-40964

7.5 HIGH

What is CVE-2026-40964?

cf-auth-proxy, the component of Cloud Foundry's log-cache release that authenticates requests for logs and metrics, accepts a JSON Web Token (JWT) minted by an unauthenticated attacker as a valid logs.admin token. Because logs.admin grants read access to the logs and metrics of every application and platform component on the foundation, a remote attacker who can reach the proxy gains that access without holding any credentials. The vulnerability is a disclosure issue: the description covers unauthorized read access only. Operators should upgrade to releases newer than those listed under Affected Version(s).
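The description above names the outcome (an attacker-minted JWT accepted as a logs.admin token) but not the defect in cf-auth-proxy that makes it possible, so the following is an added illustration of the general failure class and its hardened counterpart; it is not cf-auth-proxy's own code, nor the actual fix. It assumes RS256-signed tokens carrying a standard `scope` claim (as UAA issues) and a hypothetical trusted verification key generated in place of UAA's: `InsecureHasLogsAdmin` trusts the decoded scope claim without checking who signed the token, while `VerifyLogsAdmin` pins the algorithm, verifies the signature against the platform's key, and only then checks expiry and scope.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Claims is the subset of token claims this example inspects (standard JWT names).
type Claims struct {
	Scope []string `json:"scope"`
	Exp   int64    `json:"exp"`
}

var b64 = base64.RawURLEncoding

// decodePart base64url-decodes one JWT segment and unmarshals it as JSON.
func decodePart(part string, v interface{}) error {
	raw, err := b64.DecodeString(part)
	if err != nil {
		return err
	}
	return json.Unmarshal(raw, v)
}

// MintToken builds an RS256 JWT signed with key; an attacker can use a key they generated themselves.
func MintToken(key *rsa.PrivateKey, c Claims) (string, error) {
	p, _ := json.Marshal(c)
	signingInput := b64.EncodeToString([]byte(`{"alg":"RS256"}`)) + "." + b64.EncodeToString(p)
	digest := sha256.Sum256([]byte(signingInput))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	return signingInput + "." + b64.EncodeToString(sig), err
}

func hasScope(scopes []string, want string) bool {
	for _, s := range scopes {
		if s == want {
			return true
		}
	}
	return false
}

// InsecureHasLogsAdmin is the failure class: it trusts the scope claim without checking who signed it.
func InsecureHasLogsAdmin(token string) bool {
	parts := strings.Split(token, ".")
	var c Claims
	if len(parts) != 3 || decodePart(parts[1], &c) != nil {
		return false
	}
	return hasScope(c.Scope, "logs.admin")
}

// VerifyLogsAdmin is the hardened check: pin alg, verify the signature, check expiry, then read scope.
func VerifyLogsAdmin(token string, trusted *rsa.PublicKey, now time.Time) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return fmt.Errorf("malformed token")
	}
	var h struct{ Alg string `json:"alg"` }
	if err := decodePart(parts[0], &h); err != nil {
		return err
	}
	if h.Alg != "RS256" { // never let the token choose "none" or an HMAC alg
		return fmt.Errorf("unexpected alg %q", h.Alg)
	}
	sig, err := b64.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || rsa.VerifyPKCS1v15(trusted, crypto.SHA256, digest[:], sig) != nil {
		return fmt.Errorf("signature does not verify against the trusted key")
	}
	var c Claims
	if err := decodePart(parts[1], &c); err != nil {
		return err
	}
	if c.Exp != 0 && now.Unix() >= c.Exp {
		return fmt.Errorf("token expired")
	}
	if !hasScope(c.Scope, "logs.admin") {
		return fmt.Errorf("missing logs.admin scope")
	}
	return nil
}

func main() {
	platform, _ := rsa.GenerateKey(rand.Reader, 2048) // stands in for UAA's signing key (assumption)
	attacker, _ := rsa.GenerateKey(rand.Reader, 2048) // a key the attacker made up
	claims := Claims{Scope: []string{"logs.admin"}, Exp: time.Now().Add(time.Hour).Unix()}
	forged, _ := MintToken(attacker, claims)
	fmt.Println("insecure:", InsecureHasLogsAdmin(forged), "hardened:", VerifyLogsAdmin(forged, &platform.PublicKey, time.Now()))
}
```

Running it forges a token under a freshly generated key: the insecure check reports true, the hardened check reports a signature error. The same verifier also rejects an "alg":"none" header, an expired token, and a correctly signed token that lacks the logs.admin scope, which is the minimum a proxy in front of every application's logs should enforce.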

Affected Version(s)

CF Deployment (cf-deployment): 0 <= version <= 55.?.0

log-cache_release (log-cache-release): 0 <= version <= 3.2.6

CVSS v3.1

Score: 7.5
Severity: HIGH
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High

Vector as listed: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Note that the listed metrics do not reproduce the 7.5 score: with C:H/I:N/A:H the v3.1 base formula gives 9.1. A base score of 7.5 corresponds to C:H/I:N/A:N (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), which also matches the description above of unauthorized read access with no integrity or availability impact, so the Availability value shown here is most likely a transcription error. Check the vector against the upstream advisory before relying on it.
