Skip to main content

Java CVE-2026-22743

| EUVD-2026-16539 HIGH
SQL Injection (CWE-89)
2026-03-27 vmware GHSA-7cj7-rcw6-p68v
Java SQLi
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Re-analysis Queued
Apr 16, 2026 - 20:37 vuln.today
cvss_changed
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 27, 2026 - 06:00 euvd
EUVD-2026-16539
Analysis Generated
Mar 27, 2026 - 06:00 vuln.today
CVE Published
Mar 27, 2026 - 05:33 nvd
HIGH 7.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 maven packages depend on org.springframework.ai:spring-ai-neo4j-store (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 1.0.0-M5.

DescriptionCVE.org

Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When a user-controlled string is passed as a filter expression key in Neo4jVectorFilterExpressionConverter of spring-ai-neo4j-store, doKey() embeds the key into a backtick-delimited Cypher property accessor (node.metadata.) after stripping only double quotes, without escaping embedded backticks.This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.

AnalysisAI

Cypher injection in Spring AI Neo4j vector store (versions 1.0.0 through 1.0.4 and 1.1.0 through 1.1.3) allows unauthenticated remote attackers to access confidential data stored in Neo4j databases. The vulnerability exists in Neo4jVectorFilterExpressionConverter where user-controlled filter expression keys are embedded into Cypher property accessors without proper backtick escaping, enabling attackers to break out of the intended property context and execute arbitrary Cypher queries. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious filter expression with backtick character
Delivery
Submit to Neo4jVectorFilterExpressionConverter.doKey()
Exploit
Inject Cypher code into backtick-delimited property accessor
Execution
Execute arbitrary Neo4j Cypher queries
Impact
Extract sensitive data from database
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Spring AI versions 1.0.0-1.0.4 or 1.1.0-1.1.3 with Neo4j vector store enabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) indicates this is a remotely exploitable vulnerability requiring no authentication, low attack complexity, and no user interaction, resulting in high confidentiality impact without integrity or availability consequences. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker submits a malicious filter expression key containing backtick characters to a Spring AI application endpoint that processes Neo4j vector store queries. For example, a crafted key like "field`} MATCH (n) RETURN n //" causes the Neo4jVectorFilterExpressionConverter to construct a Cypher query that breaks out of the intended property accessor context and executes arbitrary graph traversal commands. …
Remediation Upgrade Spring AI to version 1.0.5 or later for the 1.0.x branch, or to version 1.1.4 or later for the 1.1.x branch as documented in the vendor advisory at https://spring.io/security/cve-2026-22743. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Inventory all deployments of Spring AI Neo4j vector store and identify systems running versions 1.0.0-1.0.4 or 1.1.0-1.1.3. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-28575 CRITICAL
10.0 Jun 17

Local denial of service in Android's PackageInstaller subsystem stems from a logic error in PackageInstallerSession.tran
CVE-2026-47835 HIGH
8.6 Jun 15

NoSQL/query injection in Spring AI Vector Stores (1.0.0-1.0.8 and 1.1.0-1.1.7) allows remote unauthenticated attackers t
CVE-2026-47825 HIGH
8.6 Jun 15

Origin validation failure in Spring Cloud Gateway (WebMVC and WebFlux Server variants) allows remote attackers to spoof

CVE-2026-41708 HIGH
7.5 Jun 15

Denial-of-service in Spring Cloud Sleuth 3.1.0 through 3.1.13 allows remote unauthenticated attackers to exhaust applica
CVE-2026-50196 HIGH
7.5 Jun 17

Denial of service in Steeltoe.Discovery.Eureka client (.NET) versions prior to 4.2.0 and 3.4.0 allows a remote Eureka re

Share

CVE-2026-22743 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy