diff --git a/.gitmodules b/.gitmodules
index 389186c0193ea7d05d04cb1456c1cec63907e7a9..6ee874bacd796709de4669d922887a302dbfaba8 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -5,3 +5,6 @@
 [submodule "cve/django/2022/CVE-2022-28346/POC_env"]
 path = cve/django/2022/CVE-2022-28346/POC_env
 url = https://github.com/DeEpinGh0st/CVE-2022-28346
+[submodule "cve/apache-Shiro/2022/CVE-2022-32532"]
+ path = cve/apache-Shiro/2022/CVE-2022-32532
+ url = https://github.com/Lay0us1/CVE-2022-32532
diff --git a/cve/apache-Shiro/2022/CVE-2022-32532 b/cve/apache-Shiro/2022/CVE-2022-32532
new file mode 160000
index 0000000000000000000000000000000000000000..58c03400ee5ad0fa4bd8b5d1908c750b6c42a34b
--- /dev/null
+++ b/cve/apache-Shiro/2022/CVE-2022-32532
@@ -0,0 +1 @@
+Subproject commit 58c03400ee5ad0fa4bd8b5d1908c750b6c42a34b
diff --git a/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml b/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..12fb0f1aced261e773290a27a814ff19ec8c1317
--- /dev/null
+++ b/cve/apache-Shiro/2022/yaml/CVE-2022-32532.yaml
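Review bot: The new `[submodule "cve/apache-Shiro/2022/CVE-2022-32532"]` entry fetches a proof-of-concept repository from a third-party GitHub account, and nothing in this file records which revision was reviewed; the only pin is the gitlink in the second hunk (58c03400ee5ad0fa4bd8b5d1908c750b6c42a34b), which a `git submodule update --remote` would silently move. A comment above the entry such as `# pinned to 58c03400ee5ad0fa4bd8b5d1908c750b6c42a34b, reviewed <DATE-PLACEHOLDER>` (the git config format accepts `#` comments) would make the intended revision visible here rather than only in the gitlink. The same observation applies to the existing `DeEpinGh0st/CVE-2022-28346` entry shown as context, but that is not part of this change.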
@@ -0,0 +1,23 @@
+id: CVE-2022-32532
+source: https://github.com/Lay0us1/CVE-2022-32532
+info:
+ name: Apache Shiro是美国阿帕奇(Apache)基金会的一套用于执行认证、授权、加密和会话管理的Java安全框架。
+ severity: CRITICAL
+ description: |
+ 在Apache Shiro中,RegexRequestMatcher可以被错误配置为在某些servlet容器上被绕过。应用程序使用RegExPatternMatcher和正则表达式中的'.'可能容易受到旁路授权的攻击。
+ scope-of-influence:
+ Apache Shiro 1.9.1之前
+ reference:
+ - https://lists.apache.org/thread/y8260dw8vbm99oq7zv6y3mzn5ovk90xh
+ - https://nvd.nist.gov/vuln/detail/CVE-2022-32532
+ - https://www.cybersecurity-help.cz/vdb/SB2022062909
+ - https://cxsecurity.com/cveshow/CVE-2022-32532/
+ - https://vigilance.fr/vulnerability/Oracle-Fusion-Middleware-vulnerabilities-of-October-2022-39612
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2022-32532
+ cwe-id: CWE-863
+ cnvd-id: CNNVD-202206-2750
+ kve-id: None
+ tags: 旁路授权
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 76b55ee1523e39d3b21a2cffe91e095c91d41365..5d5c89dd537898f0aad7d83cb346d87d988788d3 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -40,7 +40,9 @@ cve:
 apache-unomi:
 - CVE-2020-13942
 apache-struts:
- - CVE-2019-0230
+ - CVE-2019-0230
+ apache-Shiro:
+ - CVE-2022-32532
 Influx-DB:
 - CVE-2019-20933
 linux-kernel:
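Review bot: `name:` in the new yaml carries a one-sentence description of the Apache Shiro product rather than a title for the vulnerability, so any index built from `info.name` will show a product blurb; a short label such as `name: Apache Shiro RegexRequestMatcher 授权绕过 (CVE-2022-32532)` would read as a title, with the product sentence moved into `description:`. `kve-id: None` is the string "None" to a YAML parser, not a null value — if other entries in this repository leave the field empty or use `null`, a consumer testing for null will treat this one as a real identifier. The value under `cnvd-id:` is a CNNVD identifier (`CNNVD-202206-2750`); CNVD and CNNVD are different databases, so check which one the schema expects before this key is relied on. `source:` points at a third-party proof-of-concept repository without a revision, while the submodule gitlink in the same commit pins 58c03400ee5ad0fa4bd8b5d1908c750b6c42a34b; recording that commit beside `source:` would let the yaml state which revision was reviewed.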
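Review bot: The `- CVE-2019-0230` line under `apache-struts:` is removed and re-added with identical visible text, which points to a whitespace or line-ending change folded into this commit; if that is intended it is harmless, otherwise it is noise that will surface in every blame of that line. The new key `apache-Shiro` breaks the lowercase pattern of its neighbours (`apache-unomi`, `apache-struts`) but matches the new `cve/apache-Shiro/` directory, so keep the capitalisation only if this key is what builds the path; the enclosing `cve:` mapping starts above the hunk.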