Spring AI 1.0.0 through 1.0.6, Spring AI 1.1.0 through 1.1.5
Summary
This vulnerability impacts Spring AI, a popular framework for building AI and RAG applications. It exists in the `doDelete` method of the `MilvusVectorStore` implementation, which fails to sanitize the document IDs it receives before using them in a Milvus filter expression. An attacker who controls the IDs passed to a deletion can inject their own filter expression and act on data in the vector store used by RAG pipelines that they are not authorized to touch.
Remediation
Upgrade to the official patched releases of Spring AI immediately. For deployments running Spring AI 1.0.x, upgrade to version 1.0.7 or newer. For deployments running Spring AI 1.1.x, upgrade to version 1.1.6 or newer. Restrict access to deletion endpoints for untrusted users until patching is complete.
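The root cause described above is unsanitized IDs reaching a filter expression. The following is an added illustration (not Spring AI's code) of the unsafe build pattern next to an allowlist check that rejects any ID that is not a plain token before it is used; the `doc_id` field name, the ID format, and all class and method names are assumptions for this example.

```java
import java.util.List;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

/** Illustrative guard for a Milvus "in" filter built from caller-supplied document IDs. */
public final class SafeIdFilter {

    // Assumed allowlist: UUID-like or simple token IDs. Adjust to the ID scheme actually in use.
    private static final Pattern SAFE_ID = Pattern.compile("^[A-Za-z0-9_-]{1,64}$");
    private static final String ID_FIELD = "doc_id"; // assumed name of the ID field in the collection

    /** Unsafe pattern: IDs are concatenated straight into the expression text. Shown only for contrast. */
    static String buildInExpression(List<String> ids) {
        return ID_FIELD + " in ["
                + ids.stream().map(id -> "\"" + id + "\"").collect(Collectors.joining(", "))
                + "]";
    }

    /** Hardened version: every ID must match the allowlist before any expression is assembled. */
    static String safeInExpression(List<String> ids) {
        if (ids == null || ids.isEmpty()) {
            throw new IllegalArgumentException("no document ids supplied");
        }
        for (String id : ids) {
            if (id == null || !SAFE_ID.matcher(id).matches()) {
                // Quotes, brackets, operators and whitespace are all outside the allowlist,
                // so nothing that could alter the expression structure gets through.
                throw new IllegalArgumentException("rejected document id: " + id);
            }
        }
        return buildInExpression(ids); // safe here because each id is a validated token
    }

    public static void main(String[] args) {
        // Constructed sample IDs: one UUID and one short token.
        System.out.println(safeInExpression(List.of("550e8400-e29b-41d4-a716-446655440000", "doc_7")));
        try {
            // Constructed sample containing a quote and a bracket; it must be rejected.
            safeInExpression(List.of("bad\"id]"));
        } catch (IllegalArgumentException e) {
            System.out.println("Rejected: " + e.getMessage());
        }
    }
}
```

Validating at the boundary is preferable to escaping because it needs no knowledge of every construct the expression language accepts.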