{"data":{"id":"210d46a4-1efd-47aa-b610-1cf82f7781ca","title":"CVE-2026-41705: Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs","summary":"Spring AI's MilvusVectorStore#doDelete(List) method is vulnerable to filter-expression injection: document IDs are not sanitized before being used, so an attacker can manipulate the database filter expression by inserting crafted content into a document ID. This affects Spring AI versions 1.0.0 through 1.0.x and 1.1.0 through 1.1.x.","solution":"Upgrade to Spring AI 1.0.7 or greater (for 1.0.x users) or Spring AI 1.1.6 or greater (for 1.1.x users).","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-41705","publishedAt":"2026-05-09T01:16:08.690Z","cveId":"CVE-2026-41705","cweIds":["CWE-917"],"cvssScore":"8.6","cvssSeverity":"high","severity":"high","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Spring AI","VMware","Milvus"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0.00019,"patchAvailable":null,"disclosureDate":"2026-05-09T01:16:08.690Z","capecIds":["CAPEC-242"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}