How severe is CVE-2026-22730?

CVE-2026-22730 has a CVSS v3 score of 8.8 (HIGH).

CVE-2026-22730

8.8HIGH

Publicado: 3/18/2026Actualizado: 3/18/2026

Descripción

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.

Análisis IAImpulsado por IA

Referencias

https://spring.io/security/cve-2026-22730