CVE-2026-22729

EUVD-2026-12795 | HIGH
2026-03-18 | vmware | GHSA-rp9g-qx29-88cp
CVSS 3.1 base score: 8.6

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None

Lifecycle Timeline

Mar 18, 2026 - 07:39 (nvd): CVE published
Mar 18, 2026 - 08:00 (euvd): EUVD ID assigned, EUVD-2026-12795
Mar 18, 2026 - 08:00 (vuln.today): analysis generated
Mar 31, 2026 - 21:13 (nvd): patch released, patch available

Description

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled values passed to FilterExpressionBuilder are concatenated into JSONPath queries without escaping, so special characters such as " (double quote), || and && pass through intact; an attacker who controls a filter value can close the string literal the converter wrapped it in and append arbitrary JSONPath logic, changing the semantics of the query and retrieving documents the filter was meant to exclude. Applications are affected when they use a vector store whose filter converter extends AbstractFilterExpressionConverter and rely on metadata filters for multi-tenant isolation, role-based access control, or document filtering. Note that the CVSS vector above scores Privileges Required as None, although the description speaks of authenticated users.
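The mechanism above, as an added example that is not code from this page or from Spring AI: a language-agnostic Python model in which a hypothetical server builds a tenant-scoped $[?(...)] metadata filter from a session tenant and a request-supplied role value. scoped_query_vulnerable reproduces the unescaped concatenation the description refers to, scoped_query_hardened emits each value as an escaped JSON string literal, suspicious is a detection predicate for the logging step, and a minimal evaluator (==, !=, && and || only, no parentheses) runs both queries over a constructed three-document corpus so the bypass is observable. The corpus, the metadata schema, the function names and the payload are all assumptions made for illustration.

```python
import json
import re
from functools import reduce

# Constructed sample corpus standing in for a vector store's document metadata.
DOCUMENTS = [
    {"id": "d1", "metadata": {"tenant": "acme", "role": "staff"}},
    {"id": "d2", "metadata": {"tenant": "acme", "role": "admin"}},
    {"id": "d3", "metadata": {"tenant": "globex", "role": "staff"}},
]

# Hypothetical server-side scoping: tenant comes from the session, role from the request.
def scoped_query_vulnerable(tenant, role):
    # The flawed pattern: values concatenated into the JSONPath string unescaped.
    return f'$[?(@.metadata.tenant == "{tenant}" && @.metadata.role == "{role}")]'

def scoped_query_hardened(tenant, role):
    # json.dumps emits a quoted JSON string literal with " and \ escaped, so the
    # value can neither close the literal nor smuggle in || or &&.
    return (f'$[?(@.metadata.tenant == {json.dumps(tenant)}'
            f' && @.metadata.role == {json.dumps(role)})]')

# Closes the role literal, ORs in a predicate every document satisfies, and lets
# the builder's own closing quote terminate the dangling literal.
PAYLOAD = 'staff" || @.metadata.tenant != "'

def suspicious(value):
    """Cheap predicate for logging or alerting on raw filter values."""
    return re.search(r'["\\]|\|\||&&', value) is not None

# --- minimal evaluator for $[?(expr)] filters with ==, !=, && and || ----------
_TOKEN = re.compile(r'\s*(?:(@\.[\w.]+)|("(?:[^"\\]|\\.)*")|(==|!=|&&|\|\|))')

def _tokenize(expr):
    tokens, pos = [], 0
    while pos < len(expr):
        m = _TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"bad token at {pos}: {expr[pos:]!r}")
        pos = m.end()
        tokens.append(next(g for g in m.groups() if g is not None))
    return tokens

class _Parser:
    # or := and ('||' and)*    and := cmp ('&&' cmp)*    (&& binds tighter than ||)
    # cmp := '@.path' ('==' | '!=') '"string"'
    def __init__(self, tokens):
        self.toks, self.i = tokens, 0
    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else None
    def take(self):
        tok = self.peek()
        if tok is None:
            raise ValueError("unexpected end of expression")
        self.i += 1
        return tok
    def parse(self):
        node = self.parse_or()
        if self.peek() is not None:
            raise ValueError(f"trailing token {self.peek()!r}")
        return node
    def parse_or(self):
        node = self.parse_and()
        while self.peek() == "||":
            self.take()
            node = ("or", node, self.parse_and())
        return node
    def parse_and(self):
        node = self.parse_cmp()
        while self.peek() == "&&":
            self.take()
            node = ("and", node, self.parse_cmp())
        return node
    def parse_cmp(self):
        path, op, lit = self.take(), self.take(), self.take()
        if not path.startswith("@.") or op not in ("==", "!=") or not lit.startswith('"'):
            raise ValueError("expected '@.path op \"string\"'")
        return (op, path[2:].split("."), json.loads(lit))

def _eval(node, doc):
    if node[0] == "or":
        return _eval(node[1], doc) or _eval(node[2], doc)
    if node[0] == "and":
        return _eval(node[1], doc) and _eval(node[2], doc)
    value = reduce(lambda d, k: d.get(k) if isinstance(d, dict) else None, node[1], doc)
    return value == node[2] if node[0] == "==" else value != node[2]

def run_jsonpath_filter(query, docs):
    """Return the ids of docs matching a $[?(...)] filter query."""
    m = re.fullmatch(r"\$\[\?\((.*)\)\]", query, re.S)
    if not m:
        raise ValueError("only $[?(...)] filters are supported")
    ast = _Parser(_tokenize(m.group(1).strip())).parse()
    return [d["id"] for d in docs if _eval(ast, d)]

def demo():
    honest = run_jsonpath_filter(scoped_query_vulnerable("acme", "staff"), DOCUMENTS)
    leaked = run_jsonpath_filter(scoped_query_vulnerable("acme", PAYLOAD), DOCUMENTS)
    safe = run_jsonpath_filter(scoped_query_hardened("acme", PAYLOAD), DOCUMENTS)
    return honest, leaked, safe   # (['d1'], ['d1', 'd2', 'd3'], [])
```

demo() returns ['d1'] for the honest query, ['d1', 'd2', 'd3'] for the injected one (&& binds the tenant predicate to the role predicate, and the injected || disjunct then matches every document, including the other tenant's), and [] for the hardened query, which compares the role against the literal payload text. Escaping at the interpolation point is the property the converter has to guarantee for every value it emits; in a deployed application it complements, rather than replaces, moving to the patched release.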

Analysis

Spring AI's AbstractFilterExpressionConverter fails to properly escape user-controlled input in JSONPath queries, allowing authenticated attackers to inject arbitrary expressions and bypass access controls in vector store implementations. This impacts applications relying on the converter for multi-tenant isolation, role-based access, or metadata-based document filtering, enabling attackers to access unauthorized documents. …


Remediation

Within 24 hours: identify every application that uses Spring AI's AbstractFilterExpressionConverter, directly or through a vector store whose filter converter extends it, and determine which of them rely on metadata filters for multi-tenant isolation or access control. The timeline above records a patch as available, so schedule that upgrade first; network segmentation can limit lateral movement after a compromise but does not stop the bypass itself, which travels over the application's own query path. Within 7 days: where the upgrade cannot yet be applied, validate and escape user-supplied filter values before they reach FilterExpressionBuilder (values containing ", || or && should be rejected or emitted as properly escaped string literals), and log the filter expressions that are executed so such patterns can be alerted on. …


Priority Score

43 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +43
POC: 0


CVE-2026-22729 vulnerability details – vuln.today
