https://feed.craftedsignal.io/tags/spring-ai/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 27 Mar 2026 06:16:38 +0000https://feed.craftedsignal.io/briefs/2026-03-spring-ai-redis-injection/Fri, 27 Mar 2026 06:16:38 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-spring-ai-redis-injection/CVE-2026-22744 is a code injection vulnerability in Spring AI's RedisFilterExpressionConverter which allows an attacker to inject arbitrary commands into RediSearch TAG blocks via unescaped user-controlled strings, affecting versions 1.0.0 before 1.0.5 and 1.1.0 before 1.1.4.CVE-2026-22744 is a critical vulnerability found within the RedisFilterExpressionConverter of the Spring AI Redis Store. The vulnerability arises because the stringValue() function directly inserts user-supplied strings into the @field:{VALUE} RediSearch TAG block without proper sanitization or escaping. This allows an attacker to inject arbitrary commands or data into the Redis database if they can control the input used as a filter value for a TAG field. This vulnerability affects…

]]>highadvisoryinjectionspring-airedishttps://feed.craftedsignal.io/briefs/2026-03-spring-ai-spel-injection/Fri, 27 Mar 2026 06:16:37 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-spring-ai-spel-injection/A SpEL injection vulnerability exists in Spring AI's SimpleVectorStore when a user-supplied value is used as a filter expression key, potentially allowing malicious actors to execute arbitrary code in vulnerable applications.<p>A SpEL (Spring Expression Language) injection vulnerability, identified as CVE-2026-22738, has been discovered in the SimpleVectorStore component of Spring AI. This flaw occurs when a user-supplied value is used as a filter expression key within SimpleVectorStore. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system. The vulnerability affects Spring AI versions 1.0.0 before 1.0.5 and 1.1.0 before 1.1.4. Only applications that…</p> criticaladvisoryspel-injectionspring-aicve-2026-22738code-executionhttps://feed.craftedsignal.io/briefs/2026-03-spring-ai-ssrf/Fri, 27 Mar 2026 06:16:37 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-spring-ai-ssrf/Spring AI's spring-ai-bedrock-converse library is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied media URLs in multimodal messages, allowing attackers to trigger HTTP requests to internal or external destinations.<p>A Server-Side Request Forgery (SSRF) vulnerability has been identified in the spring-ai-bedrock-converse library within Spring AI. The vulnerability resides in the BedrockProxyChatModel component and arises during the processing of multimodal messages. Specifically, when handling user-supplied media URLs, the application fails to adequately validate these URLs. This lack of validation allows a malicious actor to inject arbitrary URLs, potentially causing the server to make unintended HTTP…</p> highadvisoryssrfspring-aibedrockproxychatmodelcve-2026-22742https://feed.craftedsignal.io/briefs/2024-06-spring-ai-jsonpath-injection/Thu, 19 Mar 2026 12:35:09 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-06-spring-ai-jsonpath-injection/CVE-2026-22729 is a JSONPath Injection vulnerability found in Spring AI's PgVectorStore, potentially allowing for unauthorized data access or modification.<p>CVE-2026-22729 is a newly identified JSONPath Injection vulnerability affecting the PgVectorStore component within the Spring AI framework. The vulnerability arises from insufficient input sanitization when processing JSONPath expressions, potentially allowing attackers to inject malicious code into queries. Successful exploitation could lead to unauthorized data access, modification, or even remote code execution depending on the application&rsquo;s configuration and permissions. This vulnerability…</p> highadvisorycve-2026-22729jsonpath-injectionspring-ai