CVE-2026-41705

HIGH

Spring AI - Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

Title source: rule

Description

Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 or greater.

References (1)

Core 1

Core References

https://spring.io/security/cve-2026-41705

Scores

CVSS v3 8.6

EPSS 0.0003

EPSS Percentile 7.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-917

Status published

Products (7)

org.springframework.ai/spring-ai-milvus-store 1.0.0 - 1.0.7Maven

org.springframework.ai/spring-ai-milvus-store 1.1.0 - 1.1.6Maven

org.springframework.ai/spring-ai-typesense-store 1.0.0 - 1.0.7Maven

org.springframework.ai/spring-ai-typesense-store 1.1.0 - 1.1.6Maven

Spring/Spring AI 1.0.0 - 1.0.7

Spring/Spring AI 1.1.0 - 1.1.6

vmware/spring_ai 1.0.0 - 1.0.7

Published May 09, 2026

Tracked Since May 09, 2026