CVE-2026-22730

CVSS v3.1

8.8

High

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

🟠 CVE-2026-22730 - High

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.

The vulne...

https://t.co/aX3wHsBpxf https://t.co/XXtIaExcH8

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2026-22730

GHSA-C267-RFVC-MVPM

Affected Products

Spring Ai

Org.Springframework.Ai:Spring-Ai-Mariadb-Store

CVE-2026-22730

Weakness Enumeration

Related Identifiers

Affected Products

References · 16