CyberRota
← Ana sayfaya dön

CVE-2026-47835

HIGH · CVSS 8.6 EPSS %0.25

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-15T20:16:28.840 · Çekilme zamanı: 2026-06-30T12:20:03.589965+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-47835
Severity
HIGH
CVSS
8.6
EPSS
%0.25

Orijinal NVD Açıklaması

In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, OpenSearch, and GemFire VectorDB. Affected components: spring-ai-elasticsearch-store, spring-ai-opensearch-store, spring-ai-gemfire-store. Affected versions: Spring AI 1.0.0 through 1.0.x (fix 1.0.9). Spring AI 1.1.0 through 1.1.x (fix 1.1.8).