diff --git a/vulnerabilities-CVEd/CVE-2022-22965-spring_data_binding_rce.bcheck b/vulnerabilities-CVEd/CVE-2022-22965-spring_data_binding_rce.bcheck
index 6aca2a9..f1fde82 100644
--- a/vulnerabilities-CVEd/CVE-2022-22965-spring_data_binding_rce.bcheck
+++ b/vulnerabilities-CVEd/CVE-2022-22965-spring_data_binding_rce.bcheck
@@ -20,7 +20,7 @@ given request then
         if {check2.response.status_code} is {base.response.status_code} then
             report issue:
                 severity: high
-                confidence: firm
+                confidence: tentative
                 detail: "find CVE-2022-22965 Spring Data Binding RCE"
                 remediation: "update Spring Data Binding."
         end if