VYPR

Maven package

org.springframework.ai/spring-ai-mariadb-store

pkg:maven/org.springframework.ai/spring-ai-mariadb-store

Vulnerabilities (1)

  • CVE-2026-22730HigMar 18, 2026
    affected >= 1.1.0-M1, < 1.1.3fixed 1.1.3

    A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.