PT-2026-40006

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users...

CVE-2026-41713

creationtimestamp| type| source ---|---|--- 2026-05-11 09:04:11+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/spring-security-advisory-av26-443 2026-05-11 12:05:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mllabzqe2i2x 2026-05-12 11:59:24+00:00| seen|...

PT-2026-39922

Name of the Vulnerable Software and Affected Versions SAP Commerce cloud affected versions not specified Description Improper Spring Security configuration allows an unauthenticated user to perform malicious configuration upload and code injection. This can result in arbitrary server-side code...

Spring Office Hours Podcast: S5E15 - Upgrading Spring and OSS Security

Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, Dan and DaShaun tackle two challenges every Spring developer faces: keeping applications up to date and staying ahead of security vulnerabilities in open source dependencies. They explore how AI...

Spring4Shell-POC

ReznokWorks 사내 게시판 — 모의해킹 시나리오 PoC 원본 Spring4Shell PoChttp...

org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.1.0 <=1.1.5) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-typesense-store (>=1.1.0 <=1.1.5)

org.springframework.ai:spring-ai-typesense-store MAVEN version =1.1.0, =1.1.0, =1.1.5 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...

GHSA-V632-2M87-7469 Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs

Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...

org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.1.0 <=1.1.5) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.1.0 <=1.1.5)

org.springframework.ai:spring-ai-milvus-store MAVEN version =1.1.0, =1.1.0, =1.1.5 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...

org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.0.0 <=1.0.6), plus.hiver:hiver-module-ai (=1.0.9) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.0.0 <=1.0.6)

org.springframework.ai:spring-ai-milvus-store MAVEN version =1.0.0, =1.0.0, =1.0.6 - plus.hiver:hiver-module-ai =1.0.9 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...

Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs

Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...

org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.0.0 <=1.0.6) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-typesense-store (>=1.0.0 <=1.0.6)

org.springframework.ai:spring-ai-typesense-store MAVEN version =1.0.0, =1.0.0, =1.0.6 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...

CVE-2026-41705

The CVE affects Spring AI MilvusVectorStore#doDelete(List) and is caused by a filter-expression injection from unsanitized document IDs. Affected are Spring AI 1.0.x (1.0.0–1.0.x); upgrade to 1.0.7+; and Spring AI 1.1.x (1.1.0–1.1.x); upgrade to 1.1.6+. CVSSv3.1 base score 8.6 (HIGH): Network acc...

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework from VMware that integrates artificial intelligence and big language modeling capabilities in the Spring ecosystem. A security vulnerability exists in VMware Spring AI versions 1.0.0 through 1.0.7 prior and 1.1.0 through 1.1.6 prior, which stems from...

PT-2026-39225

Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.6 Spring AI versions 1.1.0 through 1.1.5 Description The doDeleteList function in the MilvusVectorStore implementation is susceptible to filter-expression injection. This occurs because document IDs are not...

ROOT-APP-MAVEN-CVE-2026-40976 CVE-2026-40976 in io.root.org.springframework.boot:spring-boot - Patched by Root

Root has patched CVE-2026-40976 in the io.root.org.springframework.boot:spring-boot package for Root:Maven. Multiple fixed versions available...

CVE-2026-40972

A flaw was found in Spring Boot. An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about a remote secret. In extreme circumstances, this could allow the attacker to determine the secret and upload changed classes, leading to...

CVE-2026-40973

A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the ApplicationTemp directory due to predictable temporary directory handling. When the server.servlet.session.persistent setting is enabled and the attack persists across...

com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-memory-long (>=1.1.0.0 <=1.1.2.2-retriever2), com.alibaba.cloud.ai:spring-ai-alibaba-starter-memory-long (>=1.1.0.0 <=1.1.2.2-retriever2) +8 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-advisors-vector-store (>=1.1.0-M3 <=1.1.5)

org.springframework.ai:spring-ai-advisors-vector-store MAVEN version =1.1.0-M3, =1.1.0.0, =1.1.0.0, =1.1.0.0, =0.0.6, =4.17.0, =4.17.0, =4.20.0 - org.vrspace:server =0.8.7 Source cves: CVE-2026-41713 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624616...

ch.admin.bit.jeap:jeap-spring-boot-config-starter (>=17.16.0 <=18.5.0), ch.sbb:spring-cloud-stream-binder-solace (>=4.0.0 <=7.4.5) +896 more potentially affected by CVE-2026-40990 via org.springframework.cloud:spring-cloud-function-context (>=4.0.0 <=4.3.2)

org.springframework.cloud:spring-cloud-function-context MAVEN version =4.0.0, =17.16.0, =4.0.0, =1.0.0, =1.0.1, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2026-40990 Source advisory:...

Prompt Injection

Overview org.springframework.ai:spring-ai-advisors-vector-store is a Chat client advisors for Spring AI Affected versions of this package are vulnerable to Prompt Injection via conversation memory handling in the affected advisor. An attacker can inject crafted input in conversation memory that i...