How severe is CVE-2026-22730?

CVE-2026-22730 has a CVSS v3 score of 8.8 (HIGH).

CVE-2026-22730

8.8HIGH

Published: 3/18/2026Updated: 3/18/2026

Description

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.

AI AnalysisPowered by AI

References

https://spring.io/security/cve-2026-22730