PT-2026-40007 · Vmware+2 · Spring Ai+1
Ahmed Sekka
·
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2026-41713
CVSS v3.1
8.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
The product name cannot be determined (affected versions not specified)
Description
A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Spring Ai
Org.Springframework.Ai:Spring-Ai-Client-Chat