CVE-2026-41705: Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs

May 9, 2026 (updated May 14, 2026)

Spring AI’s MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 or greater.

References

github.com/advisories/GHSA-v632-2m87-7469
github.com/spring-projects/spring-ai/pull/6011
nvd.nist.gov/vuln/detail/CVE-2026-41705
spring.io/security/cve-2026-41705

Code Behaviors & Features

Detect and mitigate CVE-2026-41705 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →