6505 matches found
CVE-2026-22743
Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...
CVE-2026-22742
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...
CVE-2026-22744
In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters.This issue affects Spring AI: from 1.0.0 before 1.0....
CVE-2026-22744
In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters.This issue affects Spring AI: from 1.0.0 before 1.0....
CVE-2026-22744
In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters.This issue affects Spring AI: from 1.0.0 before 1.0....
CVE-2026-22743
Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...
CVE-2026-22742
The provided sources confirm a concrete SSRF vulnerability in Spring AI’s spring-ai-bedrock-converse BedrockProxyChatModel, triggered when processing multimodal messages with user-supplied media URLs. The root cause is insufficient validation of those URLs, allowing the server to issue HTTP reque...
CVE-2026-22742 Server-Side Request Forgery in BedrockProxyChatModel via Unvalidated Media URL Fetching
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...
CVE-2026-22742
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...
CVE-2026-22738
In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression...
CVE-2026-22738 SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution
In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression...
CVE-2026-22738 SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution
In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression...
CVE-2026-22738
CVE-2026-22738 is a SpEL injection vulnerability in Spring AI's SimpleVectorStore that allows arbitrary code execution when a user-supplied value is used as a filter expression key. Affected versions are Spring AI 1.0.0–1.0.4 and 1.1.0–1.1.3; fixed versions are 1.0.5 and 1.1.4. The issue requires...
VMware Spring AI 安全漏洞
VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. Versions prior to 1.0.5 and 1.1.4 of VMware Spring AI contained security vulnerabilities. These vulnerabilities...
VMware Spring AI 安全漏洞
VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities within the Spring ecosystem. Versions of VMware Spring AI prior to 1.0.5 and 1.1.4 contained security vulnerabilities. These vulnerabilities...
VMware Spring AI 安全漏洞
VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities within the Spring ecosystem. Versions of VMware Spring AI prior to 1.0.5 and 1.1.4 contained security vulnerabilities. These vulnerabilities...
PT-2026-28325
Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.4 Spring AI versions 1.1.0 through 1.1.3 Description Spring AI’s spring-ai-bedrock-converse component has a Server-Side Request Forgery SSRF issue within the BedrockProxyChatModel. This occurs when handling...
VMware Spring AI 安全漏洞
VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities within the Spring ecosystem. Versions prior to 1.0.5 and 1.1.4 of VMware Spring AI contained security vulnerabilities. These vulnerabilities...
PT-2026-28326
Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.4 Spring AI versions 1.1.0 through 1.1.3 Description The software contains a Cypher injection issue within the Neo4jVectorFilterExpressionConverter component. When a user-controlled string is used as a filt...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.2.6 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.2.5 <=1.4.11) +72 more potentially affected by CVE-2026-3190 via org.keycloak:keycloak-model-jpa (>=10.0.0 <=26.5.5)
org.keycloak:keycloak-model-jpa MAVEN version =10.0.0, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =5.1.0-26.1, =2.5.6-24.0, =2.0.6, =15.0.0.1 and more Source cves: CVE-2026-3190 Source advisory: OSV:GHSA-Q35R-VVHV-VX5H...