Spring AI: SpEL injection is triggered when a user-supplied value is used as a filter expression key — CVE-2026-22738
ID: CVE-2026-22738
Date:
Updated:
Source: GitHub
Vendor: GitHub
Threat: critical
CVSS: 9.8
EPSS: 0.00052
Summary
In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could exploit this to execute arbitrary code. Only applications that use SimpleVectorStore and pass user-supplied input as a filter expression key are affected. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
Product
maven: org.springframework.ai:spring-ai-vector-store
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately; treat the issue as actively exploitable until fixed.
- Check your dependency inventory for org.springframework.ai:spring-ai-vector-store in the affected ranges (1.0.0 before 1.0.5, 1.1.0 before 1.1.4) and confirm whether your application uses SimpleVectorStore with user-supplied input as a filter expression key.
- Apply the vendor's fixed versions (1.0.5 or 1.1.4 and later) or the recommended mitigations as soon as they are available; until then, do not pass untrusted input as a filter expression key.
- Read the official advisory for the exact affected versions and remediation steps.