Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12628
Total
849
Critical
3640
High
3960
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-22742 | HIGH | 8.6 | Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those … | Mar 27, 2026 |
| CVE-2026-22738 | CRITICAL | 9.8 | In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A malicious actor could … | Mar 27, 2026 |
| CVE-2024-14028 | MEDIUM | 6.5 | Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before … | Mar 27, 2026 |