Vmware Spring_ai
12 CVEs affecting Vmware Spring_ai. Latest disclosed: 2026-05-25. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-22738 | Critical | 9.8 | 2026-03-27 | In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could… |
| CVE-2026-40978 | High | 8.8 | 2026-04-28 | SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions… |
| CVE-2026-41705 | High | 8.6 | 2026-05-09 | Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affecte… |
| CVE-2026-40967 | High | 8.6 | 2026-04-28 | In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages… |
| CVE-2026-22742 | High | 8.6 | 2026-03-27 | Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages… |
| CVE-2026-41713 | High | 8.2 | 2026-05-12 | A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affect… |
| CVE-2026-41712 | High | 7.5 | 2026-05-12 | Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users. |
| CVE-2026-22744 | High | 7.5 | 2026-03-27 | In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts th… |
| CVE-2026-41863 | Medium | 6.5 | 2026-05-25 | Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malic… |
| CVE-2026-40980 | Medium | 6.5 | 2026-04-28 | In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by `ForkPDFLayoutTextStripper`. … |
| CVE-2026-40979 | Medium | 6.1 | 2026-04-28 | In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1… |
| CVE-2026-40966 | Medium | 5.9 | 2026-04-28 | In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials… |