
CVE-2025-22228: Vulnerability in Spring Security

Medium
Tags: Vulnerability, CVE-2025-22228, CWE-287
Published: Thu Mar 20 2025 (03/20/2025, 05:49:19 UTC)
Source: CVE
Vendor/Project: Spring
Product: Spring Security

Description

BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same.

AI-Powered Analysis

Last updated: 06/24/2025, 17:07:42 UTC

Technical Analysis

CVE-2025-22228 is a vulnerability in the Spring Security framework, specifically in the BCryptPasswordEncoder.matches(CharSequence, String) method. This method verifies whether a supplied plaintext password matches a stored BCrypt hash. The flaw stems from BCrypt's inherent 72-character input limit: any characters beyond that length are silently truncated and play no part in the hash. As a result, the affected method returns true for a password longer than 72 characters whenever its first 72 characters match the stored hash, so characters appended beyond the limit have no effect on the verification outcome, defeating the length and complexity constraints the application intended to enforce. The affected versions span multiple major releases of Spring Security, 5.7.x through 6.4.x, indicating a long-standing issue across recent and current versions. Although no exploits are currently reported in the wild, the flaw represents a significant authentication weakness (CWE-287: Improper Authentication): passwords that should not be accepted can verify successfully, undermining the integrity of user authentication in applications that rely on Spring Security's BCryptPasswordEncoder. Because Spring Security is widely used in Java-based enterprise applications, the issue has broad implications for systems that depend on it for password verification.

Potential Impact

For European organizations, the impact of this vulnerability can be substantial. Many enterprises, government agencies, and critical infrastructure providers in Europe build their web applications and services on Java and the Spring frameworks. The vulnerability weakens the authentication process, potentially allowing unauthorized access to sensitive systems and data, which could lead to data breaches, unauthorized transactions, and lateral movement within networks. The flaw affects confidentiality by letting password checks be bypassed, integrity by allowing unauthorized actions under compromised accounts, and availability if the resulting access is used to disrupt services. Given the widespread adoption of Spring Security in sectors such as finance, healthcare, public administration, and telecommunications across Europe, exploitation could cause significant operational and reputational damage. The vulnerability's presence in multiple major versions also increases the likelihood that many organizations run vulnerable deployments. The current absence of known exploits in the wild provides a window for mitigation, but because the weakness lies in the fundamental password verification step, exploits could be developed rapidly now that the vulnerability is public.

Mitigation Recommendations

To mitigate this vulnerability, organizations should prioritize upgrading to a patched version of Spring Security once available, as no official patches are currently linked. In the interim, developers should implement additional password validation logic to enforce maximum password length constraints at the application level, ensuring that passwords exceeding 72 characters are rejected before reaching the BCryptPasswordEncoder. Alternatively, organizations can consider switching to password encoders that do not truncate input or that handle longer passwords securely. It is also advisable to audit authentication logs for anomalous login attempts involving unusually long passwords. Implementing multi-factor authentication (MFA) can provide an additional security layer to reduce the risk of unauthorized access even if password verification is bypassed. Security teams should review and update password policies and educate developers about this limitation in BCrypt. Finally, organizations should monitor threat intelligence feeds for any emerging exploits targeting this vulnerability to respond promptly.
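The application-level length check recommended above, as an added example that is not code from Spring Security or from this advisory: a hypothetical PasswordEncoder wrapper that rejects over-long passwords before they reach BCryptPasswordEncoder. It measures the UTF-8 byte length rather than the character count, because BCrypt's limit is 72 bytes, so this is the stricter form of the check for non-ASCII passwords.

```java
import java.nio.charset.StandardCharsets;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Hypothetical wrapper (added example, not part of Spring Security).
 * Enforces BCrypt's 72-byte input limit at the application boundary so that
 * characters beyond the limit can never be silently ignored by the hash.
 */
public final class LengthCheckedBCryptEncoder implements PasswordEncoder {
    /** BCrypt hashes only the first 72 bytes of the UTF-8 encoded password. */
    static final int BCRYPT_MAX_BYTES = 72;

    private final PasswordEncoder delegate = new BCryptPasswordEncoder();

    /** True when the password would be truncated by BCrypt. */
    static boolean exceedsLimit(CharSequence raw) {
        return raw != null
            && raw.toString().getBytes(StandardCharsets.UTF_8).length > BCRYPT_MAX_BYTES;
    }

    @Override
    public String encode(CharSequence rawPassword) {
        // Reject at enrolment: never store a hash that covers only part of the password.
        if (exceedsLimit(rawPassword)) {
            throw new IllegalArgumentException("password exceeds BCrypt's 72-byte limit");
        }
        return delegate.encode(rawPassword);
    }

    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        // Fail closed: encode() never accepted an over-long password, so none can match,
        // regardless of whether the underlying encoder is an affected version.
        if (exceedsLimit(rawPassword)) {
            return false;
        }
        return delegate.matches(rawPassword, encodedPassword);
    }

    public static void main(String[] args) {
        PasswordEncoder encoder = new LengthCheckedBCryptEncoder();
        String password = "a".repeat(72);            // constructed sample, exactly at the limit
        String hash = encoder.encode(password);
        System.out.println("exact length:    " + encoder.matches(password, hash));
        // The wrapper returns false here; an affected BCryptPasswordEncoder on its own
        // would return true, since only the first 72 characters are compared.
        System.out.println("73+ characters:  " + encoder.matches(password + "x", hash));
    }
}
```

Register the wrapper as the application's PasswordEncoder bean so that both enrolment and login paths go through the same check.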


Technical Details

Data Version: 5.1
Assigner Short Name: vmware
Date Reserved: 2025-01-02T04:29:59.191Z
CISA Enriched: true

Threat ID: 682d983ec4522896dcbefae9

Added to database: 5/21/2025, 9:09:18 AM

Last enriched: 6/24/2025, 5:07:42 PM

Last updated: 8/8/2025, 8:26:41 PM
