4 matches found
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +372 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-model (>=2.0.0-M1 <=2.0.0-M5)
org.springframework.ai:spring-ai-model MAVEN version =2.0.0-M1, =0.1.0, =0.1.0, =1.21.9, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2 and more Source cves: CVE-2026-41712 Source advisory: OSV:GHSA-Q62F-H9X2-GCQC...
ai.driftkit:driftkit-clients-spring-ai (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-clients-spring-ai-starter (>=0.6.0 <=0.8.7) +469 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-model (>=1.0.0-M7 <=1.0.6)
org.springframework.ai:spring-ai-model MAVEN version =1.0.0-M7, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.6.0, =0.7.0, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.28 - ai.intelliswarm:swarmai-rag =1.0.28 and more Source cves: CVE-2026-41712 Source advisory:...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +525 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-model (>=1.1.0-M1 <=1.1.5)
org.springframework.ai:spring-ai-model MAVEN version =1.1.0-M1, =0.1.0, =0.1.0, =0.8.0, =0.7.0, =0.7.0, =0.8.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-41713 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624613...
Prompt Injection
Overview org.springframework.ai:spring-ai-model is a Core model interfaces and classes for Spring AI Affected versions of this package are vulnerable to Prompt Injection via conversation memory handling in the affected advisor. An attacker can inject crafted input in conversation memory that is...