CVE-2026-41713 — HIGH (8.2)

Q: How severe is CVE-2026-41713?

CVE-2026-41713 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-41713?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Spring Ai.

Vulnerability Description

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Vmware	Spring Ai	>= 1.0.0, < 1.0.7

Related Weaknesses (CWE)

CWE-1336

References

https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/US Government Resource
https://spring.io/security/cve-2026-41713Vendor Advisory

FAQ

What is CVE-2026-41713?

CVE-2026-41713 is a vulnerability with a CVSS score of 8.2 (HIGH). A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may...

How severe is CVE-2026-41713?

CVE-2026-41713 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-41713?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Spring Ai.