CVE-2026-22730

HIGH

CVE-2026-22730: SQL Injection in Spring AI MariaDBFilterExpressionConverter

Title source: cna
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-22730. PoCs published by NULL200OK.

AI-analyzed exploit summary The repository contains a functional Python-based scanner and exploit tool for CVE-2026-22730, a SQL injection vulnerability in Spring AI's MariaDB vector store. It includes time-based detection, multiple HTTP methods, and exploitation options for data retrieval or deletion.

Description

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.

Exploits (1)

nomisec WORKING POC 1 stars
by NULL200OK · poc
https://github.com/NULL200OK/CVE-2026-22730-Scanner

The repository contains a functional Python-based scanner and exploit tool for CVE-2026-22730, a SQL injection vulnerability in Spring AI's MariaDB vector store. It includes time-based detection, multiple HTTP methods, and exploitation options for data retrieval or deletion.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Spring AI (versions 1.0.x < 1.0.4 and 1.1.x < 1.1.3) with MariaDB vector store
No auth needed
Prerequisites: Python 3.6+ · requests library · target URL with vulnerable endpoint
devstral-2 · analyzed Mar 20, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.0003
EPSS Percentile 8.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (4)
org.springframework.ai/spring-ai-mariadb-store 1.1.0-M1 - 1.1.3Maven
VMware/Spring AI 1.0.x - 1.0.4
VMware/Spring AI 1.1.x - 1.1.3
vmware/spring_ai 1.0.0 - 1.0.4
Published Mar 18, 2026
Tracked Since Mar 18, 2026