20 matches found
ai.koog:koog-spring-ai-starter-vector-store (>=0.8.0 <=0.8.0-rc-1), ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6) +241 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-vector-store (>=1.1.0 <=1.1.4)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0, =0.8.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-40967 Source advisory: OSV:GHSA-QC4J-QJQX-VR58...
CVE-2026-40967
Summary : CVE-2026-40967 affects Spring AI 1.0.0–1.0.5 (fix in 1.0.6) and 1.1.0–1.1.4 (fix in 1.1.5). In several FilterExpressionConverter implementations, filter expression keys/values aren’t properly escaped, enabling an attacker to alter vector store queries. This could impact query integrity ...
ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +9 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-pgvector-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-pgvector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.0.6, =4.0.5.20260423.1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321394...
ai.intelliswarm:swarmai-core (>=1.0.0 <=1.0.28), ai.intelliswarm:swarmai-distributed (>=1.0.0 <=1.0.28) +12 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-pgvector-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-pgvector-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =4.2.3, =0.0.1, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321394...
org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-milvus-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321391...
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-typesense-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321396...
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.0.0 <=1.0.5), org.springframework.ai:spring-ai-typesense-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-typesense-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0-M5, =1.0.0-M6 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321396...
ai.koog:koog-spring-ai-starter-vector-store (>=0.8.0 <=0.8.0-rc-1), ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6) +242 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-vector-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0-M1, =0.8.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316422...
ai.driftkit:driftkit-vector-spring-ai (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-vector-spring-ai-starter (>=0.6.0 <=0.8.7) +196 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-vector-store (>=1.0.0-M7 <=1.0.5)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.0.0-M7, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =1.0.28 - com.alibaba.cloud.ai.autoconfigure.memory.long:spring-ai-alibaba-autoconfigure-memory-long =1.0.0.4 -...
io.github.tyran8x:tr-common-ai (>=4.0.5.20260423.1 <=4.0.6.20260502.2), org.springframework.ai:spring-ai-starter-vector-store-redis (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-redis-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-redis-store MAVEN version =1.1.0-M1, =4.0.5.20260423.1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321395...
com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321395...
org.springframework.ai:spring-ai-starter-vector-store-couchbase (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-couchbase-store (>=1.0.0-M7 <=1.0.5)
org.springframework.ai:spring-ai-couchbase-store MAVEN version =1.0.0-M7, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316423...
io.github.vishalmysore:easyQServer (>=0.2.8.11.1 <=0.2.8.12.3), org.springframework.ai:spring-ai-mongodb-atlas-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +1 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-mongodb-atlas-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-mongodb-atlas-store MAVEN version =1.0.0-M5, =0.2.8.11.1, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321392...
org.springframework.ai:spring-ai-starter-vector-store-gemfire (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-gemfire-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-gemfire-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321389...
com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-rag-elasticsearch (>=1.1.0.0 <=1.1.2.3), com.alibaba.cloud.ai:spring-ai-alibaba-rag (>=1.1.0.0 <=1.1.2.3) +2 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-elasticsearch-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-elasticsearch-store MAVEN version =1.1.0-M1, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321388...
org.springframework.ai:spring-ai-starter-vector-store-oracle (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-oracle-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-oracle-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321393...
org.springframework.ai:spring-ai-oracle-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6), org.springframework.ai:spring-ai-starter-vector-store-oracle (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-oracle-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-oracle-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321393...
org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-mariadb-store (>=1.1.0-M1 <=1.1.4)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321390...
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-elasticsearch-store is a Spring AI Elasticsearch Vector Store Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter...
org.jetos.app:jet-privacy (>=0.0.1 <=0.0.2), org.springframework.ai:spring-ai-milvus-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +3 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-milvus-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.0.0-M5, =0.0.1, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321391...