CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/03/28 10:51 a.m.•1 views

CVE-2026-22742

Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...

8.6CVSS5.9AI score0.00081EPSS

Exploits0References1

vulnersOsv•added 2026/03/27 7:20 a.m.•2 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (=0.2.0), com.embabel.agent:embabel-agent-starter-bedrock (=0.2.0) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-bedrock-converse (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-bedrock-converse MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791534...

8.6CVSS5.8AI score0.00081EPSS

Exploits0

vulnersOsv•added 2026/03/27 7:20 a.m.•3 views

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.0.0-M7, =1.0.0, =1.0.0, =1.0.4 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

8.6CVSS5.8AI score0.00081EPSS

Exploits0

vulnersOsv•added 2026/03/27 7:20 a.m.•3 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

8.6CVSS5.8AI score0.00081EPSS

Exploits0

vulnersOsv•added 2026/03/27 7:20 a.m.•2 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +4 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-bedrock-converse (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-bedrock-converse MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =.30.0.rc5, =3.3.0.rc2, =3.3.0.rc2, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791534...

8.6CVSS5.8AI score0.00081EPSS

Exploits0

vulnersOsv•added 2026/03/27 6:31 a.m.•2 views

org.springframework.ai:spring-ai-bedrock-converse MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22742 Source advisory: OSV:GHSA-MHRG-94VW-45C5...

8.6CVSS5.8AI score0.00081EPSS

Exploits0

Circl•added 2026/03/26 8:5 p.m.•1 views

CVE-2026-22742

creationtimestamp| type| source ---|---|--- 2026-03-26 20:05:49+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/spring-security-advisory-av26-288 2026-03-27 07:00:49+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mhzkbsrncs2v 2026-03-27 07:18:31+00:00| seen|...

8.6CVSS4.8AI score0.00081EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by