CRITICAL · CVE-2026-47065 · CNA: apache

CVE-2026-47065: Apache MINA: Critical Deserialization Allow-list Bypass via resolveProxyClass - ZDRES-232

ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy

Assessment: Fully addressed. When the serialised stream contains a TC_PROXYCLASSDESC (the marker for a java.lang.reflect.Proxy), JDK's ObjectInputStream.readProxyDesc() is dispatched. JDK then calls the default ObjectInputStream.resolveProxyClass(interfaces) implementation, which performs Class.forName(intf, false, latestUserDefinedLoader()) for EACH interface name and constructs the proxy class — bypassing the accepted classes list.

ZDRES-233: Class.forName(name, initialize=true, classLoader) in readClassDescriptor Triggers Static Initialiser of Allow-Listed Classes

Assessment: Fully addressed. For ANY class on the allow-list, deserialising a stream that names it triggers the class's <clinit> (static initialiser) BEFORE any instance is constructed. This means an attacker who supplies a class name on the allow-list (e.g., the developer wrote accept("com.myapp.*"), attacker supplies com.myapp.SomeClass) causes <clinit> of SomeClass — and many real-world classes have side-effecting static initialisers.

Both issues have been fixed.
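An illustrative hardening for the two issues described above, written here as added example code rather than MINA's own fix: an ObjectInputStream subclass that runs the allow-list over every proxy interface in resolveProxyClass (ZDRES-232) and checks the descriptor name before the JDK's default, non-initialising class load (ZDRES-233). The glob syntax, class name and sample stream are assumptions constructed for the demonstration.

```java
import java.io.*;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Proxy;
import java.util.List;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

/** Illustrative allow-listing ObjectInputStream (example code, not MINA's own implementation). */
public final class AllowListObjectInputStream extends ObjectInputStream {
    private final List<Pattern> accepted;

    public AllowListObjectInputStream(InputStream in, List<String> globs) throws IOException {
        super(in);
        // "com.myapp.*"-style globs (assumed syntax) compiled to anchored regexes
        this.accepted = globs.stream()
                .map(g -> Pattern.compile("^" + Pattern.quote(g).replace("*", "\\E.*\\Q") + "$"))
                .collect(Collectors.toList());
    }

    private void check(String name) throws InvalidClassException {
        for (Pattern p : accepted) if (p.matcher(name).matches()) return;
        throw new InvalidClassException(name, "not on deserialization allow-list");
    }

    // ZDRES-233: check the name first; the JDK default then loads with initialize=false,
    // so no static initialiser runs merely because a stream names the class.
    @Override
    protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException {
        check(desc.getName());
        return super.resolveClass(desc);
    }

    // ZDRES-232: TC_PROXYCLASSDESC is dispatched here, not to resolveClass; every proxy
    // interface must pass the same allow-list before the proxy class is constructed.
    @Override
    protected Class<?> resolveProxyClass(String[] ifaces) throws IOException, ClassNotFoundException {
        for (String intf : ifaces) check(intf);
        return super.resolveProxyClass(ifaces);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a java.lang.Runnable proxy, which serialises as TC_PROXYCLASSDESC
        InvocationHandler h = (InvocationHandler & Serializable) (p, m, a) -> null;
        ClassLoader cl = AllowListObjectInputStream.class.getClassLoader();
        Object proxy = Proxy.newProxyInstance(cl, new Class<?>[]{Runnable.class}, h);
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(proxy); }
        try (ObjectInputStream in = new AllowListObjectInputStream(
                new ByteArrayInputStream(buf.toByteArray()), List.of("java.util.*"))) {
            in.readObject(); // rejected in resolveProxyClass: java.lang.Runnable is not allow-listed
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Array and primitive descriptors (for example "[B") also pass through resolveClass, so a production allow-list must admit whichever of them the protocol legitimately carries.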

Metrics

CVSS v3.1: 9.8
Severity: CRITICAL
Fixed in: 2.0.29
Affected Products: 1


HarborGuard Analysis

Synopsis

This is a Java deserialization allow-list bypass affecting Apache MINA, a network application framework. The vulnerability is reachable over the network with no authentication or user interaction required, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). Two related weaknesses let an attacker bypass the class accept-list filter: one via crafted proxy class descriptors (TC_PROXYCLASSDESC) that cause the JDK to load arbitrary interfaces without consulting the allow-list, and another by triggering static initializers on allow-listed classes before any instance is constructed, enabling side-effecting code execution. Successful exploitation gives an attacker full read, write, and disruption capability against the affected service. Patched-image rebuilds at versions 2.0.29, 2.1.13, and 2.2.8 are available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection (Available)

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds (NVD, Apache advisories, and CNA feeds) within minutes of publication and matched against all customer images, including custom-built images that bundle Apache MINA as a transitive dependency. Any image containing an affected MINA version (2.0.x before 2.0.29, 2.1.x before 2.1.13, 2.2.x before 2.2.8) is flagged immediately in the registry scan and in CI/CD pipeline checks.
Triage (Available)

HarborGuard is capable of scoring this finding at CVSS 9.8 Critical (v3.1) and weighting it against each environment's compliance policy to determine breach thresholds and escalation rules. Triage results are routed to the appropriate team inbox within each customer organization based on image ownership and policy configuration.
Patch (Available)

A patched-image rebuild at the applicable fix version (2.0.29, 2.1.13, or 2.2.8 depending on the branch in use) becomes available on HarborGuard once the upstream release is confirmed. For customers who opt into auto-remediation, HarborGuard rebuilds the image, runs a regression test suite, and opens a pull request against affected workloads; for high and critical severity issues the median time from CVE publication to merged patch PR is around 90 minutes in environments with auto-remediation enabled.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the MINA service over the network; no local or physical access is needed (AV:N).

  • Authentication: Not required

    No credentials are needed to send a crafted serialized stream to the exposed endpoint (PR:N).

  • Victim interaction: Not required

    The exploit is fully server-side; no user action or social engineering is required (UI:N).

  • Attack complexity: Low

    Exploitation is reliable and condition-free: the attacker only needs to craft a valid Java serialization stream with a TC_PROXYCLASSDESC marker or a named allow-listed class, with no race conditions or special environmental state required (AC:L).

Blast Radius

  • A successful attacker can read arbitrary in-memory and on-disk data accessible to the MINA process, including session tokens, credentials, and application data (C:H).
  • The attacker can write or modify persisted application state, inject commands, or alter data processed by the server (I:H).
  • The attacker can crash or hang the MINA service, causing a denial of service for all clients depending on it (A:H).
  • Because both bypass paths execute code through the JVM's own class-loading and static-initializer machinery, exploitation is possible even against deployments that believe their deserialization filter is correctly configured.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-47065 is active across all customer image scans with no additional configuration needed. For environments running Apache MINA 2.0.x, 2.1.x, or 2.2.x at affected versions, a patched-image rebuild targeting 2.0.29, 2.1.13, or 2.2.8 (respectively) is available. For customers who opt into auto-remediation, HarborGuard rebuilds the image at the fix version, executes the configured regression suite, and opens a pull request against affected workloads automatically. Given the Critical (9.8) severity and zero-barrier exploitation profile, this CVE qualifies for expedited handling: for environments with auto-remediation enabled, the median time from publication to merged patch PR for critical-severity issues is around 90 minutes. Where compliance policy does not permit auto-remediation, HarborGuard surfaces the finding with fix-version guidance so engineering teams can prioritize manual remediation. Customers who cannot upgrade immediately should consider network-policy controls to restrict which clients can reach MINA deserialization endpoints as a compensating measure until the patched image is deployed.


Fix available: 2.0.29, 2.1.13, 2.2.8
Affected packages
  • Apache Software Foundation / Apache MINA
    < 2.2.8 (from 2.2.0) · < 2.1.13 (from 2.1.0) · < 2.0.29 (from 2.0.0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H