org.springframework.ai:spring-ai-advisors-vector-store (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.springframework.ai:spring-ai-advisors-vector-store, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-41712 — CVSS 7.5 (high): Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data…
CVE-2026-40966 — CVSS 5.9 (medium): In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including…