PT-2026-28324 · Vmware · Spring Ai

Published: 2026-03-26 · Updated: 2026-04-01 · CVE-2026-22738

CVSS v3.1: 9.8 (Critical) · Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Spring AI versions 1.0.0 through 1.0.4 and versions 1.1.0 through 1.1.3

Description: A SpEL injection flaw exists in the SimpleVectorStore component of Spring AI when a user-supplied value is used as a filter expression key. A malicious actor could potentially execute arbitrary code by exploiting this issue. Applications that use SimpleVectorStore and accept user-provided input for filter expression keys are susceptible. The root cause is the use of Spring Expression Language (SpEL) to evaluate metadata filters: when a filter key is taken from user input without proper validation, that key becomes a pathway to remote code execution.

Recommendations: Update to Spring AI version 1.0.5 or later (1.0.x line) or to version 1.1.4 or later (1.1.x line).
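As a defensive illustration of the "user-provided input for filter expression keys" condition in the description, the following added example (not Spring AI code and not the vendor's fix, which is the version update above) resolves user-facing parameter names to a fixed allowlist of metadata keys so that no user-supplied string is ever used as a filter key. The class name, the allowlisted keys and the Spring AI builder call shown in the comment are assumptions.

```java
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

// Hypothetical helper (not part of Spring AI): only keys the application itself
// indexes may ever reach the vector store's filter expression.
public final class FilterKeyAllowlist {

    // Constructed mapping: user-facing parameter name -> metadata key actually stored.
    private static final Map<String, String> ALLOWED_KEYS = Map.of(
        "author", "author",
        "year",   "year",
        "source", "source_id"
    );

    // Secondary guard: an allowlisted key must also look like a plain identifier,
    // so a misconfigured allowlist entry cannot smuggle expression syntax.
    private static final Pattern IDENTIFIER = Pattern.compile("^[A-Za-z_][A-Za-z0-9_]{0,63}$");

    private FilterKeyAllowlist() {}

    /** Returns the allowlisted metadata key for a user-facing name, or throws. */
    public static String resolveKey(String userParam) {
        String key = userParam == null ? null : ALLOWED_KEYS.get(userParam);
        if (key == null || !IDENTIFIER.matcher(key).matches()) {
            throw new IllegalArgumentException("unsupported filter key: " + userParam);
        }
        return key;
    }

    /** The set of names callers may advertise to clients (never the raw metadata keys). */
    public static Set<String> supportedParameters() {
        return ALLOWED_KEYS.keySet();
    }

    public static void main(String[] args) {
        // Assumed usage with Spring AI's builder (org.springframework.ai.vectorstore.filter):
        //   Filter.Expression expr = new FilterExpressionBuilder()
        //       .eq(FilterKeyAllowlist.resolveKey(param), value).build();
        // The key handed to eq() is always one of ALLOWED_KEYS' values, never raw input.
        System.out.println(resolveKey("author"));
        System.out.println(resolveKey("source"));
        try {
            resolveKey("not_an_indexed_field");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Filter values still travel through the builder as data rather than being concatenated into an expression string; the allowlist only closes the key side that this advisory concerns.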

Fix

Weakness Enumeration: Code Injection

Related Identifiers: CVE-2026-22738, GHSA-FVH3-672C-7P6C

Affected Products: Spring AI