16 matches found
CVE-2026-22730
CVE-2026-22730 describes a critical SQL injection vulnerability in Spring AI’s MariaDBFilterExpressionConverter, enabling bypass of metadata-based access controls and arbitrary SQL execution. Technical details across connected sources indicate the issue stems from missing input sanitization when ...
CVE-2026-22729
Spring AI’s AbstractFilterExpressionConverter is vulnerable to a JSONPath injection, where user-controlled input in FilterExpressionBuilder is concatenated into JSONPath queries without proper escaping. This can allow authenticated users to bypass metadata-based access controls and access unautho...
CVE-2026-41705
The CVE affects Spring AI MilvusVectorStore#doDelete(List) and is caused by a filter-expression injection from unsanitized document IDs. Affected are Spring AI 1.0.x (1.0.0–1.0.x); upgrade to 1.0.7+; and Spring AI 1.1.x (1.1.0–1.1.x); upgrade to 1.1.6+. CVSSv3.1 base score 8.6 (HIGH): Network acc...
CVE-2026-22743
CVE-2026-22743 affects Spring AI’s spring-ai-neo4j-store, specifically the Cypher injection in the Neo4jVectorFilterExpressionConverter. A user-controlled string used as a filter expression key is embedded into a backtick-delimited Cypher property accessor (node.metadata.) after stripping only do...
CVE-2026-41863
Technical details about the vulnerability (affected component specifics, root cause, exploit scenarios, and remediation) are not provided in the supplied documents. Monitor for updates from Spring.io security advisories.
CVE-2026-41712
The CVE-2026-41712 entry concerns Spring AI's chat memory component, where a problematic default (DEFAULT_CONVERSATION_ID) can cause cross-user data exposure when not explicitly overridden. Affected element: the chat memory/session handling; root cause: default configuration that ties user conver...
CVE-2026-22738
CVE-2026-22738 is a SpEL injection vulnerability in Spring AI's SimpleVectorStore that allows arbitrary code execution when a user-supplied value is used as a filter expression key. Affected versions are Spring AI 1.0.0–1.0.4 and 1.1.0–1.1.3; fixed versions are 1.0.5 and 1.1.4. The issue requires...
CVE-2026-40966
Spring AI vulnerability CVE-2026-40966: VectorStoreChatMemoryAdvisor allows cross-tenant exfiltration by injecting filter logic through a user-supplied conversationId, bypassing chat isolation. Affected: apps using VectorStoreChatMemoryAdvisor with conversationId from input. Impact: confidentiali...
CVE-2026-41713
CVE-2026-41713 describes a prompt-injection style vulnerability in the PromptChatMemoryAdvisor where user-supplied input is stored in conversation memory and later interpreted by the model in an unintended way. Affected functionality is the advisor component that relies on memory of prior turns; ...
CVE-2026-22742
The provided sources confirm a concrete SSRF vulnerability in Spring AI’s spring-ai-bedrock-converse BedrockProxyChatModel, triggered when processing multimodal messages with user-supplied media URLs. The root cause is insufficient validation of those URLs, allowing the server to issue HTTP reque...
CVE-2026-22744
The CVE refers to Spring AI’s Redis Store (spring-ai-redis-store) in RedisFilterExpressionConverter. A user-controlled string used as a filter value for a TAG field is inserted directly into the RediSearch TAG block (@field:{VALUE}) without escaping. AFFECTED VERSIONS: Spring AI 1.0.0 up to, but ...
CVE-2026-40967
Summary : CVE-2026-40967 affects Spring AI 1.0.0–1.0.5 (fix in 1.0.6) and 1.1.0–1.1.4 (fix in 1.1.5). In several FilterExpressionConverter implementations, filter expression keys/values aren’t properly escaped, enabling an attacker to alter vector store queries. This could impact query integrity ...
CVE-2026-47835
In Spring AI Vector Stores, the vulnerability arises from improper handling of special characters that could lead to arbitrary query execution in Elasticsearch, OpenSearch, and GemFire VectorDB. Affected components are spring-ai-elasticsearch-store, spring-ai-opensearch-store, and spring-ai-gemfi...
CVE-2026-40980
In Spring AI, a memory exhaustion vulnerability exists in the ForkPDFLayoutTextStripper when processing a malicious PDF. Affected versions are Spring AI 1.0.0–1.0.5 (fixed in 1.0.6) and 1.1.0–1.1.4 (fixed in 1.1.5). The CVSS data indicates availability impact is High, with network attack and low ...
CVE-2026-40978
Summary: CVE-2026-40978 is a SQL injection vulnerability in Spring AI’s CosmosDBVectorStore. Affected versions: Spring AI 1.0.0–1.0.5 (fixed in 1.0.6) and 1.1.0–1.1.4 (fixed in 1.1.5). Issue: Attackers can trigger arbitrary SQL queries via crafted document IDs, enabling high-severity impact as pe...
CVE-2026-40979
Technical details (affected products, versions, impact, fixes) are not publicly available in the provided documents. Monitor for updates.