CVE-2026-40967

HIGH

Spring AI 1.0.0-1.0.5 - Code Injection

Title source: llm

Description

In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)

References (1)

Core 1

Core References

https://spring.io/security/cve-2026-40967

Scores

CVSS v3 8.6

EPSS 0.0039

EPSS Percentile 30.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-94

Status published

Products (5)

org.springframework.ai/spring-ai-vector-store 1.0.0 - 1.0.6Maven

org.springframework.ai/spring-ai-vector-store 1.1.0 - 1.1.5Maven

Spring/Spring AI 1.0.0 - 1.0.6

Spring/Spring AI 1.1.0 - 1.1.5

vmware/spring_ai 1.0.0 - 1.0.6

Published Apr 28, 2026

Tracked Since Apr 28, 2026