Lucene search
K

9 matches found

vulnersOsv
vulnersOsv
added 2026/03/27 7:18 a.m.7 views

cn.echoparrot:echoparrot-application (=25.4.0), cn.echoparrot:echoparrot-core (>=25.4.0 <=25.4.4) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.1.0-M1, =25.4.0, =1.1.0, =1.1.3 - org.vrspace:server =0.8.7 Source cves: CVE-2026-22743 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791530...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 7:18 a.m.7 views

io.gitee.yeshizhe:echoparrot-application (=25.2.5), io.gitee.yeshizhe:echoparrot-core (=25.2.5) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22743 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791530...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:31 a.m.6 views

cn.echoparrot:echoparrot-application (=25.4.0), cn.echoparrot:echoparrot-core (>=25.4.0 <=25.4.4) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.1.0-M1, =25.4.0, =1.1.0, =1.1.3 - org.vrspace:server =0.8.7 Source cves: CVE-2026-22743 Source advisory: OSV:GHSA-7CJ7-RCW6-P68V...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:31 a.m.9 views

io.gitee.yeshizhe:echoparrot-application (=25.2.5), io.gitee.yeshizhe:echoparrot-core (=25.2.5) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22743 Source advisory: OSV:GHSA-7CJ7-RCW6-P68V...

7.5CVSS5.8AI score0.0025EPSS
Exploits0
OSV
OSV
added 2026/03/27 6:31 a.m.4 views

GHSA-7CJ7-RCW6-P68V Spring AI has a Cypher Injection vulnerability in Neo4jVectorFilterExpressionConverter

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS5.9AI score0.0025EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/27 6:31 a.m.7 views

EUVD-2026-16539

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 6:16 a.m.11 views

CVE-2026-22743

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS0.0025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 5:33 a.m.4 views

CVE-2026-22743

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey embeds the key into a backtick-delimited...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2026/03/26 12:0 a.m.8 views

Server-Side Request Forgery via Filter Expression Keys in Neo4jVectorStore

spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter . When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store , doKey embeds the key into a backtick-delimited Cypher...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder