CVE-2026-40967: CWE-94: Improper Control of Generation of Code in Spring Spring AI
In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
AI Analysis
Technical Summary
Spring AI's FilterExpressionConverter implementations translate filter expression objects into vector store query languages. In affected versions, improper escaping of keys and values allows attackers to alter queries, representing a CWE-94 (Improper Control of Generation of Code) vulnerability. This flaw affects Spring AI versions 1.0.0 to 1.0.5 and 1.1.0 to 1.1.4 and is resolved in versions 1.0.6 and 1.1.5. The CVSS 3.1 base score is 8.2, indicating a high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts confidentiality, integrity, and availability to varying degrees.
Potential Impact
The vulnerability allows attackers to manipulate query generation in Spring AI, potentially leading to unauthorized disclosure of information (high confidentiality impact), limited integrity compromise, and some availability disruption. The CVSS score of 8.2 reflects these impacts. There are no known exploits in the wild as of the published date.
Mitigation Recommendations
Upgrade Spring AI to version 1.0.6 or later, or 1.1.5 or later, where this vulnerability has been fixed. Since no official vendor advisory or patch links were provided, verify the upgrade path with the official Spring project resources to ensure remediation. Patch status is not explicitly confirmed in the input data but the description states the issue is fixed in these versions.
CVE-2026-40967: CWE-94: Improper Control of Generation of Code in Spring Spring AI
Description
In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Spring AI's FilterExpressionConverter implementations translate filter expression objects into vector store query languages. In affected versions, improper escaping of keys and values allows attackers to alter queries, representing a CWE-94 (Improper Control of Generation of Code) vulnerability. This flaw affects Spring AI versions 1.0.0 to 1.0.5 and 1.1.0 to 1.1.4 and is resolved in versions 1.0.6 and 1.1.5. The CVSS 3.1 base score is 8.2, indicating a high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts confidentiality, integrity, and availability to varying degrees.
Potential Impact
The vulnerability allows attackers to manipulate query generation in Spring AI, potentially leading to unauthorized disclosure of information (high confidentiality impact), limited integrity compromise, and some availability disruption. The CVSS score of 8.2 reflects these impacts. There are no known exploits in the wild as of the published date.
Mitigation Recommendations
Upgrade Spring AI to version 1.0.6 or later, or 1.1.5 or later, where this vulnerability has been fixed. Since no official vendor advisory or patch links were provided, verify the upgrade path with the official Spring project resources to ensure remediation. Patch status is not explicitly confirmed in the input data but the description states the issue is fixed in these versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- vmware
- Date Reserved
- 2026-04-16T02:18:56.133Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f0521fcbff5d8610c67db0
Added to database: 4/28/2026, 6:22:23 AM
Last enriched: 4/28/2026, 6:36:21 AM
Last updated: 4/29/2026, 3:02:31 AM
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.