
332 matches found

vulnersOsv
added 2026/04/27 12:0 a.m., 5 views

org.springframework.ai:spring-ai-starter-vector-store-oracle (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-oracle-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-oracle-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321393...

CVSS 8.6, AI score 5.8, EPSS 0.00394
Exploits: 0

vulnersOsv
added 2026/04/27 12:0 a.m., 8 views

io.github.tyran8x:tr-common-ai (>=4.0.5.20260423.1 <=4.0.6.20260502.2), org.springframework.ai:spring-ai-starter-vector-store-redis (>=1.1.0 <=1.1.4) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-redis-store (>=1.1.0-M1 <=1.1.4)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.1.0-M1, =4.0.5.20260423.1, =1.1.0, =1.1.4 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321395...

CVSS 8.6, AI score 5.8, EPSS 0.00394
Exploits: 0

Spring Security Advisories
added 2026/04/21 12:0 a.m., 4 views

This Week in Spring - April 21st, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! What a week it's been since we last talked. I was in Barcelona, Spain, for the amazing Spring I/O event there. It has become my favorite show, full stop. Just such an amazing experience. So many wonderful things going on there...

AI score 5.8
Exploits: 0

Spring Security Advisories
added 2026/04/20 12:0 a.m., 6 views

Spring Office Hours Podcast: S5E13 - Community Potluck

Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this Potluck episode, Dan and DaShaun open up the floor to the community, answering your questions on Spring Boot, Spring AI, Spring Security, and whatever else is on your mind. Potluck episodes are shaped...

AI score 5.8
Exploits: 0

vulnersOsv
added 2026/04/15 6:31 p.m., 9 views

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +9630 more potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcpkix-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =3.10.0.5, =0.5.0, =1.2.4, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2026.05.28.162006-546becb and more Source cves: CVE-2026-5588 Source advisory:...

CVSS 6.3, AI score 7.2, EPSS 0.00259
Exploits: 0

Spring Security Advisories
added 2026/04/07 12:0 a.m., 3 views

Spring AI Agentic Patterns (Part 6): AutoMemoryTools — Persistent Agent Memory Across Sessions

File-Based Long-Term Memory for Spring AI Agents: Agents are only as useful as what they remember. Spring AI's Chat Memory stores the full conversation and can persist it across restarts, but when the window fills, the oldest messages are evicted. The upcoming Session API will add recursive...

AI score 6.1
Exploits: 0

Spring Security Advisories
added 2026/04/07 12:0 a.m., 5 views

This Week in Spring - April 7th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! It's April 7th, 2026, and I'm on the road! I started the journey for the amazing Voxxed Days Amsterdam show and am now winding my way through France. I visited Colmar, a beautiful city from which the animators on Disney's Beau...

AI score 5.8
Exploits: 0

Veracode
added 2026/04/02 2:24 p.m., 9 views

Arbitrary Code Injection

org.springframework.ai:spring-ai-vector-store is vulnerable to Arbitrary Code Injection. The vulnerability is due to unsafe use of user-supplied input as a filter expression key in SimpleVectorStore, which allows an attacker to inject malicious expressions and execute arbitrary code...

CVSS 9.8, AI score 6.1, EPSS 0.00821
Exploits: 0, References: 5, Affected Software: 1

RedhatCVE
added 2026/03/28 10:51 a.m., 4 views

CVE-2026-22743

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

CVSS 7.5, AI score 5.9, EPSS 0.0025
Exploits: 0, References: 1

RedhatCVE
added 2026/03/28 10:51 a.m., 3 views

CVE-2026-22744

In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before 1.0....

CVSS 7.5, AI score 5.9, EPSS 0.0025
Exploits: 0, References: 1

RedhatCVE
added 2026/03/28 10:51 a.m., 2 views

CVE-2026-22742

Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...

CVSS 8.6, AI score 5.9, EPSS 0.00353
Exploits: 0, References: 1

vulnersOsv
added 2026/03/27 7:20 a.m., 4 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +4 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-bedrock-converse (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-bedrock-converse MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =.30.0.rc1, =.30.0.rc1, =.30.0.rc1, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791534...

CVSS 8.6, AI score 5.4, EPSS 0.00353
Exploits: 0

vulnersOsv
added 2026/03/27 7:20 a.m., 10 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

CVSS 8.6, AI score 5.8, EPSS 0.00353
Exploits: 0

vulnersOsv
added 2026/03/27 7:20 a.m., 5 views

com.embabel.agent:embabel-agent-bedrock-autoconfigure (=0.2.0), com.embabel.agent:embabel-agent-starter-bedrock (=0.2.0) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.0.0-M7 <=1.0.4)

org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.0.0-M7, =1.0.0, =1.0.0, =1.0.4 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...

CVSS 8.6, AI score 5.8, EPSS 0.00353
Exploits: 0

Snyk
added 2026/03/27 7:20 a.m., 2 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to insufficient validation of user-supplied media URLs in the BedrockProxyChatModel function. An attacker can cause the server to send HTTP requests to unintended internal or external destinations by...

CVSS 9.2, AI score 5.9, EPSS 0.00353
Exploits: 0, References: 2

vulnersOsv
added 2026/03/27 7:18 a.m., 6 views

com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-22744 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791529...

CVSS 7.5, AI score 5.8, EPSS 0.0025
Exploits: 0

vulnersOsv
added 2026/03/27 7:18 a.m., 5 views

cn.echoparrot:echoparrot-application (=25.4.0), cn.echoparrot:echoparrot-core (>=25.4.0 <=25.4.4) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.1.0-M1, =25.4.0, =1.1.0, =1.1.3 - org.vrspace:server =0.8.7 Source cves: CVE-2026-22743 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791530...

CVSS 7.5, AI score 5.8, EPSS 0.0025
Exploits: 0

vulnersOsv
added 2026/03/27 7:18 a.m., 7 views

org.springframework.ai:spring-ai-starter-vector-store-redis (>=1.1.0 <=1.1.3) potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.3 Source cves: CVE-2026-22744 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791529...

CVSS 7.5, AI score 5.8, EPSS 0.0025
Exploits: 0

vulnersOsv
added 2026/03/27 7:18 a.m., 5 views

io.gitee.yeshizhe:echoparrot-application (=25.2.5), io.gitee.yeshizhe:echoparrot-core (=25.2.5) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22743 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791530...

CVSS 7.5, AI score 5.8, EPSS 0.0025
Exploits: 0

Snyk
added 2026/03/27 7:18 a.m., 2 views

Improper Input Validation

Overview: Affected versions of this package are vulnerable to Improper Input Validation in the doKey function of Neo4jVectorFilterExpressionConverter when a user-controlled string is embedded as a filter expression key without proper escaping of backticks. An attacker can access internal resources...

CVSS 8.7, AI score 5.9, EPSS 0.0025
Exploits: 0, References: 2