CVE-2026-41863: LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API - 惯性聚合

推荐订阅源

人人都是产品经理

Recorded Future

Privacy & Cybersecurity Law Blog

Vulnerabilities – Threatpost

Cybersecurity and Infrastructure Security Agency CISA

让小产品的独立变现更简单 - ezindie.com

The Hacker News

The Cloudflare Blog

Darknet – Hacking Tools, Hacker News & Cyber Security

Cisco Talos Blog

Recent Announcements

Kaspersky official blog

The GitHub Blog

酷壳 – CoolShell

Fortinet All Blogs

Schneier on Security

罗磊的独立博客

Y Combinator Blog

Check Point Blog

The Exploit Database - CXSecurity.com

宝玉的分享

aimingoo的专栏

CTFtime.org: upcoming CTF events

Full Disclosure

Troy Hunt's Blog

OSCHINA 社区最新新闻

WordPress大学

Application and Cybersecurity Blog

Comments on: Blog

Help Net Security

Google DeepMind News

博客园 - 【当耐特】

Fox-IT International blog

Spring Security Advisories

CVE-2026-41713: Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor CVE-2026-41712: ChatMemory DEFAULT_CONVERSATION_ID causes unintended cross-user data leakage CVE-2026-41705: Expression injection in MilvusVectorStore doDelete allows data destruction CVE-2026-40990: Unbounded cache for function definitions CVE-2026-40989: Self Routing guard bypassed via function composition CVE-2026-41004: Spring Cloud Config Server Logged Sensitive Information CVE-2026-40981: Spring Cloud Config Clients Can Access Secrets From Any Project The Config Server Has Access To On Google Secrets Manager CVE-2026-40982: Directory Traversal with spring-cloud-config-server CVE-2026-41002: Spring Cloud Config Server Susceptible To TOCTOU Attack CVE-2026-40968 - Medium - CVE-2026-40968: Spring gRPC SecurityContext leaks across requests on authorization failure CVE-2026-40969 - Low - CVE-2026-40969: Spring gRPC AuthenticationException message reflected to remote client CVE-2026-40980 - Moderate - CVE-2026-40980: OOM by attacker-controlled PDF CVE-2026-40979 - Moderate - CVE-2026-40979: ONNX model cache defaults to world-writable predictable /tmp directory CVE-2026-40978 - High - CVE-2026-40978: SQL Injection in CosmosDBVectorStore.doDelete() CVE-2026-40967 - High - CVE-2026-40967: VectorStore FilterExpression Converter injection CVE-2026-40966 - Moderate - CVE-2026-40966: VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration CVE-2026-40971 - Medium - CVE-2026-40971: RabbitMQ auto-configuration with an SSL bundle disables TLS hostname verification CVE-2026-40976 - Critical - CVE-2026-40976: Default security filter chain has no authorization rule with Actuator but without Health CVE-2026-40977 - Medium - CVE-2026-40977: PID file write follows symlinks at predictable default path CVE-2026-40975 - Medium - CVE-2026-40975: Random value property source uses a weak PRNG unsuitable for secrets CVE-2026-40974 - Medium - CVE-2026-40974: Cassandra SSL auto-configuration disables TLS hostname verification CVE-2026-40973 - High - CVE-2026-40973: Predictable temp directory accepted without ownership verification CVE-2026-40972 - High - CVE-2026-40972: DevTools remote secret comparison is vulnerable to timing attacks CVE-2026-40970 - Medium - CVE-2026-40970: Elasticsearch auto-configuration with an SSL bundle disables TLS hostname verification CVE-2026-22752: Spring Security Authorization Server Dynamic Client Registration endpoints perform insufficient validation of client metadata CVE-2026-22751: Spring Security JdbcOneTimeTokenService allows a one-time token to authenticate multiple sessions CVE-2026-22748: Potential Security Misconfiguration when Using withIssuerLocation CVE-2026-22747: Unauthorized User Impersonation when Using X.509 Client Certificates CVE-2026-22754: Servlet Path Not Correctly Included in Path Matching of XML Authorization Rules CVE-2026-22753: Servlet Path Not Correctly Included in Path Matching of HttpSecurity#securityMatchers CVE-2026-22746: User Attribute Enumeration when Using DaoAuthenticationProvider CVE-2026-22740 - Medium - CVE-2026-22740: Spring Framework DoS with Multipart Temp Files in WebFlux CVE-2026-22741: Static resource cache poisoning in Spring MVC and WebFlux CVE-2026-22745 : Denial of service in static resource handling on Windows platforms CVE-2026-22750: SSL bundle configuration silently bypassed in Spring Cloud Gateway CVE-2026-22742: Server-Side Request Forgery in BedrockProxyChatModel via Unvalidated Media URL Fetching CVE-2026-22743: Server-Side Request Forgery via Filter Expression Keys in Neo4jVectorStore CVE-2026-22744: RediSearch Query via Unescaped TAG Filter Values in RedisVectorStore CVE-2026-22738: SpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution CVE-2026-22739: Spring Cloud Config Profile Substitution Can Allow Unintended Access To Files And Enable SSRF Attacks CVE-2026-22735 - Low - CVE-2026-22735: Server Sent Event stream corruption CVE-2026-22733: Authentication Bypass under Actuator CloudFoundry endpoints CVE-2026-22737: Spring Framework Improper Path Limitation with Script View Templates cve-2026-22732: Under Some Conditions Spring Security HTTP Headers Are not Written CVE-2026-22731: Authentication Bypass under Actuator Health groups paths

CVE-2026-41863: LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API

Spring · 2026-05-23 · via Spring Security Advisories

Description

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories.

Affected Spring Products and Versions

Spring AI:

1.1.0 - 1.1.x

Mitigation

Users of affected versions should upgrade to the corresponding fixed version.

Affected version(s)	Fix version	Availability
1.1.x	1.1.7	OSS

References

- https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N&version=3.1

此内容由惯性聚合(RSS阅读器)自动聚合整理，仅供阅读参考。原文来自 — 版权归原作者所有。