CVE-2026-41863

MEDIUM

LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API

Title source: cna

Description

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0 through 1.1.x

References (1)

Core 1

Core References

https://spring.io/security/cve-2026-41863

Scores

CVSS v3 6.5

EPSS 0.0041

EPSS Percentile 32.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (2)

Spring/Spring AI 1.1.0 - 1.1.x

vmware/spring_ai 1.1.0 - 1.1.7

Published May 25, 2026

Tracked Since May 25, 2026