CVE-2026-41713

HIGH

VMware Spring AI - Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

Title source: rule

Description

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.

References (2)

Core 2

Core References

https://spring.io/security/cve-2026-41713

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N&version=3.1

Scores

CVSS v3 8.2

EPSS 0.0004

EPSS Percentile 12.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1336

Status published

Products (5)

org.springframework.ai/spring-ai-client-chat 0 - 1.0.7Maven

org.springframework.ai/spring-ai-client-chat 1.1.0-M1 - 1.1.6Maven

VMware/Spring AI 1.0.0 - 1.0.7

VMware/Spring AI 1.1.0 - 1.1.6

vmware/spring_ai 1.0.0 - 1.0.7

Published May 12, 2026

Tracked Since May 12, 2026