7 matches found
org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.0.0 <=1.0.6), plus.hiver:hiver-module-ai (=1.0.9) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.0.0 <=1.0.6)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.0.0, =1.0.0, =1.0.6 - plus.hiver:hiver-module-ai =1.0.9 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...
org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.1.0 <=1.1.5) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.1.0 <=1.1.5)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.1.0, =1.1.0, =1.1.5 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...
CVE-2026-41705
Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...
CVE-2026-41705
Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...
org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.1.0 <=1.1.5) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.1.0-M1 <=1.1.5)
org.springframework.ai:spring-ai-milvus-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.5 Source cves: CVE-2026-41705 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624640...
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.0.0 <=1.0.6), org.springframework.ai:spring-ai-typesense-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-typesense-store (>=1.0.0-M5 <=1.0.6)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0-M5, =1.0.0-M6 Source cves: CVE-2026-41705 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624641...
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.1.0 <=1.1.5) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-typesense-store (>=1.1.0-M1 <=1.1.5)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.5 Source cves: CVE-2026-41705 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624641...