Skip to main content
Question

Rundeck Vulnerability reported - CVE-2026-22732

  • May 5, 2026
  • 2 replies
  • 90 views
C
Forum|alt.badge.img

Hi all, quick vulnerability question.

Our vulnerability software has flagged up Rundeck v5.20 with CVE-2026-22732 because of the component spring-security-web-5.8.15.jarย 

I could not find anything about this CVE in this forum or Rundeck web page.

How can we find out if thereโ€™s a fix for this coming up soon?

Is there a place to report this?

Thanks!

2 replies

M
Forum|alt.badge.img
  • MegaDrive68k
  • PagerDuty Team ๐Ÿ“Ÿ
  • May 5, 2026

Hi โ€‹@Carlos.Aย ย I've reported this to the engineering team. Thanks a lot for your feedback!ย 

    C
    Forum|alt.badge.img
    • Carlos.A
    • Author
    • New Member ๐Ÿ‘‹
    • May 7, 2026

    Really appreciate it โ€‹@MegaDrive68kย 

    Does PagerDuty have an SLA for remediating critical CVEs?

    Our Security department is pretty strict, and itโ€™s mandatory for us to remediate CVEs on our live systems.

    ย 

    Thanks again, Carlos

    Terms & ConditionsAccessibility statement