Where
-Infinity
0

Trending

Last week
Last month
Last year

VMware Spring AiPrompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

Risk 54
Severity
8.2
First published (updated )
CVE-2026-41713

VMware Spring AiChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage

Risk 43
Severity
7.5
First published (updated )
CVE-2026-41712

VMware Spring AiSpring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injec…

Risk 64
Severity
8.6
First published (updated )
CVE-2026-41705

VMware Spring AiIn Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amoun…

Risk 38
Severity
6.5
First published (updated )
CVE-2026-40980

VMware Spring AiIn Spring AI, having access to a shared environment can expose the ONNX model used by the applicatio…

Risk 41
Severity
6.1
First published (updated )
CVE-2026-40979
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware Spring AiSQL Injection

Risk 79
Severity
8.8
First published (updated )
CVE-2026-40978

VMware Spring AiVectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration

Risk 35
Severity
5.9
First published (updated )
CVE-2026-40966

VMware Spring AiCode Injection

Risk 64
Severity
8.6
First published (updated )
CVE-2026-40967

VMware Spring AiIn RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed …

Risk 43
Severity
7.5
First published (updated )
CVE-2026-22744

VMware Spring AiServer-Side Request Forgery via Filter Expression Keys in Neo4jVectorStore

Risk 43
Severity
7.5
First published (updated )
CVE-2026-22743
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware Spring AiServer-Side Request Forgery in BedrockProxyChatModel via Unvalidated Media URL Fetching

Risk 49
Severity
8.6
First published (updated )
CVE-2026-22742

VMware Spring AiSpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution

Risk 86
Severity
9.8
First published (updated )
CVE-2026-22738

maven/org.springframework.ai:spring-ai-vector-storeJSONPath Injection in Spring AI Vector Stores FilterExpressionConverter

Risk 51
Severity
8.6
First published (updated )
CVE-2026-22729

maven/org.springframework.ai:spring-ai-mariadb-storeSQL Injection in Spring AI MariaDBFilterExpressionConverter

Risk 83
Severity
8.8
First published (updated )
CVE-2026-22730

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203