2 matches found
EUVD-2026-29448
Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users...
CVE-2026-41712
The CVE-2026-41712 entry concerns Spring AI's chat memory component, where a problematic default (DEFAULT_CONVERSATION_ID) can cause cross-user data exposure when not explicitly overridden. Affected element: the chat memory/session handling; root cause: default configuration that ties user conver...