{"cve":{"cve_id":"CVE-2022-26134","is_kev":true,"kev_date_added":"2022-06-02","kev_vendor_project":"Atlassian","kev_product":"Confluence Server/Data Center","kev_vulnerability_name":"Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability","kev_short_description":"Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.","kev_required_action":"Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.","kev_due_date":"2022-06-06","kev_known_ransomware":true,"kev_notes":"https://nvd.nist.gov/vuln/detail/CVE-2022-26134","kev_cwes":["CWE-917"],"epss_score":0.99999,"epss_percentile":0.99993,"epss_as_of":"2026-06-23","description":"In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.","published_at":"2022-06-03T21:51:57.134000Z","last_modified_at":null,"cvss_v3_score":9.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-917"],"nvd_references":["https://jira.atlassian.com/browse/CONFSERVER-79016","http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html","http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html","http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html","http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html","https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html"],"vuln_status":null,"trending_score":0.6099982000000002,"is_trending":true,"has_trended":true,"trended_number_one":false,"trending_peak_score":0.6099982000000002,"trending_peak_rank":31,"started_trending_at":"2026-06-29T02:30:27.366045Z","trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T02:30:27.550645Z"},"effective_severity":"CRITICAL","badges":["kev","ransomware","poc","trending","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"next of 1.3.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:next of 1.3.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.4.17","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.4.17"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.13.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.13.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.13.7","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.13.7"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.14.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.14.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.14.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.14.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.15.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.15.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.15.2","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.15.2"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.16.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.16.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.16.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.16.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.17.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.17.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.17.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.17.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"7.18.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:7.18.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-data-center","product_name":"Confluence Data Center","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.18.1","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-data-center:unspecified:7.18.1"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"next of 1.3.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:next of 1.3.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.4.17","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.4.17"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.13.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.13.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.13.7","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.13.7"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.14.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.14.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.14.3","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.14.3"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.15.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.15.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.15.2","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.15.2"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.16.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.16.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.16.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.16.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.17.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.17.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.17.4","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.17.4"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"7.18.0","version_start_inclusive":true,"version_end":"unspecified","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:7.18.0:unspecified"},{"vendor_slug":"atlassian","vendor_name":"Atlassian","product_slug":"confluence-server","product_name":"Confluence Server","version_start":"unspecified","version_start_inclusive":true,"version_end":"7.18.1","version_end_inclusive":false,"cpe23_uri":"cve5:atlassian:confluence-server:unspecified:7.18.1"}],"exploit_refs":[{"source":"nuclei","kind":"nuclei","url":"https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-26134.yaml","title":"Confluence - Remote Code Execution","author":"pdteam,jbertman","disclosed_at":null}],"news":[],"references":[{"url":"https://jira.atlassian.com/browse/CONFSERVER-79016","source_type":"MISC","tags":[]},{"url":"http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html","source_type":"EXPLOIT","tags":["exploit"]},{"url":"https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html","source_type":"MISC","tags":[]}],"timeline":[{"type":"cisa_reported","at":"2022-06-02T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"published","at":"2022-06-03T21:51:57.134000Z","label":"CVE published","source":null},{"type":"poc_available","at":"2026-06-24T00:29:48.638073Z","label":"Public PoC available","source":"nuclei"},{"type":"cvss_changed","at":"2026-06-28T17:21:49.885041Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:21:49.885041Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:21:49.885041Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:01:26.728167Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:01:26.728167Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:01:26.728167Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"started_trending","at":"2026-06-29T02:30:27.366045Z","label":"Started trending","source":null}]}