pkg:Maven/org.springframework.ai:spring-ai-vector-store

All known vulnerabilities

• CRITICAL9.8CVE-2026-22738Spring AI: SpEL injection is triggered when a user-supplied value is used as a filter expression key
  >= 1.0.0, < 1.0.5
• HIGH8.6CVE-2026-40967Spring AI has a VectorStore FilterExpression Converter injection
  >= 1.0.0, < 1.0.6
• HIGH8.6CVE-2026-22729JSONPath Injection in Spring AI Vector Stores FilterExpressionConverter
  >= 1.1.0-M1, < 1.1.3