Unrated severity · CISA KEV · NVD Advisory · Published Jun 3, 2022 · Updated Oct 21, 2025
CVE-2022-26134
Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Affected products
- (no CPE) range: >=1.3.0, <7.4.17; >=7.13.0, <7.13.7; >=7.14.0, <7.14.3; >=7.15.0, <7.15.2; >=7.16.0, <7.16.4; >=7.17.0, <7.17.4; >=7.18.0, <7.18.1
- (no CPE) range: next of 1.3.0
- Range: next of 1.3.0
References
- packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html (mitre, x_refsource_MISC)
- packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html (mitre, x_refsource_MISC)
- packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html (mitre, x_refsource_MISC)
- packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html (mitre, x_refsource_MISC)
- confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html (mitre, x_refsource_MISC)
- jira.atlassian.com/browse/CONFSERVER-79016 (mitre, x_refsource_MISC)
News mentions
- Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect · Tenable Blog · May 27, 2026