high advisory

CVE-2026-22729: JSONPath Injection Vulnerability in Spring AI's PgVectorStore

CVE-2026-22729 is a JSONPath Injection vulnerability found in Spring AI's PgVectorStore, potentially allowing for unauthorized data access or modification.

CVE-2026-22729 is a newly identified JSONPath Injection vulnerability affecting the PgVectorStore component within the Spring AI framework. The vulnerability arises from insufficient input sanitization when processing JSONPath expressions, potentially allowing attackers to inject malicious code into queries. Successful exploitation could lead to unauthorized data access, modification, or even remote code execution depending on the application’s configuration and permissions. This vulnerability…

Detection coverage 2

Detect Suspicious JSONPath Expressions in Process Arguments

high

Detects processes with command-line arguments containing potentially malicious JSONPath expressions indicative of injection attempts.

sigma; tactics: initial_access; techniques: T1190; sources: process_creation, windows

Detect Network Traffic Containing Suspicious JSONPath Payloads

medium

Detects network traffic with HTTP requests containing potentially malicious JSONPath expressions in the URI or body.

sigma; tactics: initial_access; techniques: T1190; sources: network_connection, windows
