{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22730", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2026-01-09T06:54:41.498Z", "datePublished": "2026-03-18T07:36:30.533Z", "dateUpdated": "2026-03-19T03:55:21.545Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2026-03-18T07:36:30.533Z"}, "title": "CVE-2026-22730: SQL Injection in Spring AI MariaDBFilterExpressionConverter", "datePublic": "2026-03-17T07:32:00.000Z", "affected": [{"vendor": "VMware", "product": "Spring AI", "packageName": "Spring AI", "versions": [{"status": "affected", "version": "1.0.x", "lessThan": "1.0.4", "versionType": "OSS"}, {"status": "affected", "version": "1.1.x", "lessThan": "1.1.3", "versionType": "oss"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.\n\nThe vulnerability exists due to missing input sanitization.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.</p><p>The vulnerability exists due to missing input sanitization.</p>"}]}], "references": [{"url": "https://spring.io/security/cve-2026-22730"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-22730"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T03:55:21.545Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22730", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-18T14:31:29.687873Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T14:31:38.590Z"}}], "cna": {"title": "CVE-2026-22730: SQL Injection in Spring AI MariaDBFilterExpressionConverter", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VMware", "product": "Spring AI", "versions": [{"status": "affected", "version": "1.0.x", "lessThan": "1.0.4", "versionType": "OSS"}, {"status": "affected", "version": "1.1.x", "lessThan": "1.1.3", "versionType": "oss"}], "packageName": "Spring AI", "defaultStatus": "unaffected"}], "datePublic": "2026-03-17T07:32:00.000Z", "references": [{"url": "https://spring.io/security/cve-2026-22730"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.\n\nThe vulnerability exists due to missing input sanitization.", "supportingMedia": [{"type": "text/html", "value": "<p>A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.</p><p>The vulnerability exists due to missing input sanitization.</p>", "base64": false}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2026-03-18T07:36:30.533Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22730", "state": "PUBLISHED", "dateUpdated": "2026-03-19T03:55:21.545Z", "dateReserved": "2026-01-09T06:54:41.498Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2026-03-18T07:36:30.533Z", "assignerShortName": "vmware"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_ai:*:*:*:*:*:*:*:*", "matchCriteriaId": "F510851F-2162-4380-97A0-75456BC7875A", "versionEndExcluding": "1.0.4", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_ai:*:*:*:*:*:*:*:*", "matchCriteriaId": "34C3CF7E-1A85-4EFE-8CC0-03E85527B2D5", "versionEndExcluding": "1.1.3", "versionStartIncluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands.\n\nThe vulnerability exists due to missing input sanitization."}, {"lang": "es", "value": "Una vulnerabilidad cr\u00edtica de inyecci\u00f3n SQL en el MariaDBFilterExpressionConverter de Spring AI permite a los atacantes eludir los controles de acceso basados en metadatos y ejecutar comandos SQL arbitrarios.\n\nLa vulnerabilidad existe debido a la falta de saneamiento de entrada."}], "id": "CVE-2026-22730", "lastModified": "2026-04-01T16:52:48.390", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2026-03-18T08:16:31.170", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://spring.io/security/cve-2026-22730"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.0.0,1.0.4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.1.0,1.1.3)"}}], "enrichment": {"confidence": 90.0, "confidence_source": "matching", "scores": [{"score": 90.0, "source": "matching"}]}, "original": {"product": "Spring AI", "source": "cna", "vendor": "VMware"}, "product": "spring", "vendor": "vmware"}], "analysis": {"en": {"generated_at": "2026-04-02T05:38:33.084814+00:00", "value": {"mitigation_remediation": ["Check for and apply any available update from VMware to address the vulnerability.", "If no patch is available, restrict or disable access to the MariaDBFilterExpressionConverter feature.", "Implement custom input validation to sanitize user\u2011supplied filter expressions before they reach the converter.", "Monitor database logs for anomalous SQL activity and keep all other components up to date with vendor releases."], "summary": {"action": "Immediate Patch", "impact": "SQL Injection"}, "threat_synthesis": {"affected_systems": "The vulnerability affects VMware Spring AI. No specific product version is advertised in the advisory, so all current and prior releases might be vulnerable until a vendor\u2011issued update resolves the issue. Administrators should verify the installed version and consult VMware\u2019s security notices for remediation guidance.", "description_and_impact": "A missing input sanitization in VMware Spring AI\u2019s MariaDBFilterExpressionConverter enables SQL injection. Attackers could inject arbitrary SQL statements to bypass metadata\u2011based access controls, potentially leading to unauthorized disclosure, modification, or deletion of database contents. The flaw is identified as CWE\u201189, reflecting improper handling of user input in SQL queries.", "risk_and_exploitability": "The CVSS score of 8.8 indicates a high\u2011severity risk, while the EPSS score of less than 1% suggests a low probability of exploitation today. The vulnerability is not in CISA\u2019s KEV catalog. Based on the description, it is inferred that attackers can exploit the flaw remotely by submitting crafted filter expressions that the converter processes, enabling arbitrary SQL execution that could compromise confidentiality, integrity, and availability."}}}}, "created": "2026-03-18T10:41:41.945730+00:00", "updated": "2026-04-02T08:00:04.416244+00:00", "vendors": ["vmware", "vmware$PRODUCT$spring"]}