Tag

Cve-2026-22738

1 brief RSS

Spring AI SimpleVectorStore SpEL Injection Vulnerability (CVE-2026-22738)

A SpEL injection vulnerability exists in Spring AI's SimpleVectorStore when a user-supplied value is used as a filter expression key, potentially allowing malicious actors to execute arbitrary code in vulnerable applications.

spel-injection spring-ai cve-2026-22738 code-execution

2r 1t 1i Mar 27, 2026