PT-2026-28326 · Vmware+1 · Spring Ai+1

Published

2026-03-26

Updated

2026-03-30

CVE-2026-22743

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.4 Spring AI versions 1.1.0 through 1.1.3

Description The software contains a Cypher injection issue within the Neo4jVectorFilterExpressionConverter component. When a user-controlled string is used as a filter expression key, the doKey() function incorporates the key into a Cypher property accessor using backticks. The software only removes double quotes but does not escape embedded backticks, which can lead to potential injection attacks. The vulnerable component is Neo4jVectorFilterExpressionConverter. The vulnerable parameter is the filter expression key.

Recommendations Update Spring AI to version 1.0.5 or later. Update Spring AI to version 1.1.4 or later.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-943CWE-89

Related Identifiers

BDU:2026-05617

CVE-2026-22743

GHSA-7CJ7-RCW6-P68V

Affected Products

Neo4J

Spring Ai

PT-2026-28326 · Vmware+1 · Spring Ai+1

CVE-2026-22743

Weakness Enumeration

Related Identifiers

Affected Products

References · 11