Spring Product Security Update Advisory
Overview A security update has been released to address a vulnerability in Spring products. the target is Spring AI, and users should update to the latest version. Affected Products and Versions Spring AI 1.0.0 and later, but earlier than 1.0.7. Spring AI 1.1.0 and later but earlier than 1.1.6. Resolved
Spring Product Security Update Advisory
Security updates have been released to address vulnerabilities in Spring products. the affected products are Spring Cloud Config and Spring AI. The vulnerabilities addressed in Spring Cloud Config are CVE-2026-40981, CVE-2026-40982, and CVE-2026-41002. CVE-2026-40981 is a privilege bypass vulnerability. CVE-2026-40982 is a Directory Path Manipulation vulnerability. CVE-2026-41002 is a TOCTOU
Spring Product Security Update Advisory
Overview A security update has been released to address a vulnerability in Spring products. the target is Spring AI, and users should update to the latest version. Affected by Spring AI 1.0.0 or later and earlier than 1.0.6. Spring AI 1.1.0 and above, but below 1.1.5. Resolved vulnerabilities CVE-2026-40967: Failure
Spring Product Security Update Advisory
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products Cve-2026-22738, cve-2026-22742, cve-2026-22743, cve-2026-22744 Spring AI version: 1.0.0 or higher but lower than 1.0.5Spring AI version: 1.1.0 or later and less than 1.1.4 resolved
Spring Product Security Update Advisory
overview We have released security updates that address vulnerabilities in Spring products. users of affected products are encouraged to update to the latest version. affected products Cve-2026-22729, cve-2026-22730 Spring AI version: 1.0.xSpring AI version: 1.1.x resolved vulnerabilities JSONPath injection vulnerability in FilterExpressionConverter in Spring AI Vector Stores (CVE-2026-22729)SQL injection vulnerability
