Package impact
MAVEN / org.springframework.ai:spring-ai-advisors-vector-store
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41712 | high | 7.5 | 7.5 | 17d ago | Spring AI: ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage | |||
| CVE-2026-40966 | medium | 5.9 | 5.9 | 1mo ago | Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration |