Spring · Spring Security · CVE-2026-22751
**Name of the Vulnerable Software and Affected Versions**
Spring Security versions 6.4.0 through 6.4.15
Spring Security versions 6.5.0 through 6.5.9
Spring Security versions 7.0.0 through 7.0.4
**Description**
Applications that explicitly configure One-Time Token login using `JdbcOneTimeTokenService` are subject to a Time-of-check Time-of-use (TOCTOU) race condition. A TOCTOU race condition occurs when a program checks the state of a resource and then performs an action based on that state, but the state changes between the check and the action.
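The check-then-act pattern described above, applied to a generic single-use token table, as an added example that is not Spring Security's code. The advisory does not detail the affected code path, so the table, the function names and the select-then-delete flow are assumptions made for illustration; the interleaving is replayed deterministically on one SQLite connection instead of with real threads.

```python
import sqlite3

TOKEN = "tok-123"  # constructed sample value

def make_store():
    """Constructed sample store holding one unused token for user 'alice'."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE one_time_tokens (token_value TEXT PRIMARY KEY, username TEXT)")
    db.execute("INSERT INTO one_time_tokens VALUES (?, 'alice')", (TOKEN,))
    return db

def lookup(db, token):
    """The check: return the token's owner, or None if the token is gone."""
    row = db.execute(
        "SELECT username FROM one_time_tokens WHERE token_value = ?", (token,)
    ).fetchone()
    return row[0] if row else None

def delete(db, token):
    """The use: remove the token and report whether this caller removed it."""
    cur = db.execute("DELETE FROM one_time_tokens WHERE token_value = ?", (token,))
    return cur.rowcount == 1

def replay_check_then_act(db, token):
    """Two requests interleaved so both checks run before either delete.
    Each request trusts its earlier SELECT and ignores the DELETE result."""
    owner_a, owner_b = lookup(db, token), lookup(db, token)
    delete(db, token)
    delete(db, token)
    return [o for o in (owner_a, owner_b) if o is not None]

def replay_atomic_consume(db, token):
    """Same interleaving, but a request is accepted only if its own DELETE
    removed the row, so the database decides a single winner."""
    owner_a, owner_b = lookup(db, token), lookup(db, token)
    won_a, won_b = delete(db, token), delete(db, token)
    return [o for o, won in ((owner_a, won_a), (owner_b, won_b)) if o and won]

if __name__ == "__main__":
    print("check-then-act accepted:", replay_check_then_act(make_store(), TOKEN))
    print("atomic consume accepted:", replay_atomic_consume(make_store(), TOKEN))
```

In the first replay the state changes between each request's check and its action, which is the window the description refers to; in the second, the affected-row count of the `DELETE` closes it.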
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.