478 matches found
CVE-2026-41712
The CVE-2026-41712 entry concerns Spring AI's chat memory component, where a problematic default (DEFAULT_CONVERSATION_ID) can cause cross-user data exposure when not explicitly overridden. Affected element: the chat memory/session handling; root cause: default configuration that ties user conver...
CVE-2026-41712 ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage
Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users...
CVE-2026-41906
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage
Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users...
Prompt Injection
Overview org.springframework.ai:spring-ai-model is a Core model interfaces and classes for Spring AI Affected versions of this package are vulnerable to Prompt Injection via conversation memory handling in the affected advisor. An attacker can inject crafted input in conversation memory that is...
Prompt Injection
Overview org.springframework.ai:spring-ai-client-chat is a Spring AI Chat Client AI programming Affected versions of this package are vulnerable to Prompt Injection via conversation memory handling in the affected advisor. An attacker can inject crafted input in conversation memory that is later...
Prompt Injection
Overview org.springframework.ai:spring-ai-advisors-vector-store is a Chat client advisors for Spring AI Affected versions of this package are vulnerable to Prompt Injection via conversation memory handling in the affected advisor. An attacker can inject crafted input in conversation memory that i...
Missing Authorization
Overview org.springframework.ai:spring-ai-openai is an OpenAI models support Affected versions of this package are vulnerable to Missing Authorization via the default configuration of the Spring AI chat memory component. An attacker can access data from other users when DEFAULTCONVERSATIONID is n...
CVE-2026-41906
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
CVE-2026-41906 FreeScout: Conversation Change-Customer Cross-Mailbox Authorization Bypass
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
CVE-2026-41906 FreeScout: Conversation Change-Customer Cross-Mailbox Authorization Bypass
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
CVE-2026-41906
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
EUVD-2026-28409
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
CVE-2026-41906 FreeScout: Conversation Change-Customer Cross-Mailbox Authorization Bypass
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the mailbox-filtered search endpoint, but the backend conversationchangecustomer action accepts any supplied...
PT-2026-38551
Name of the Vulnerable Software and Affected Versions FreeScout versions prior to 1.8.214 Description The backend conversation change customer action fails to properly validate the customer email variable. While the Change Customer modal filters out-of-scope customers via the mailbox-filtered...
FreeScout 安全漏洞
FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.214 contained security vulnerabilities. These vulnerabilities stemmed from the conversationchangecustomer operation, which...
Conversation Isolation Bypass
Spring AI is vulnerable to conversation isolation bypass. The vulnerability is due to insufficient validation of user-supplied input as a conversationId, where an attacker can inject filter logic through conversationId and exfiltrate sensitive memory from other users’ chat histories, including...
Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
GHSA-V6X6-PJXW-3PV2 Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...