Spring AI: Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor

GHSA-5852-phmh-8fhr · CVE-2026-41713

Published May 12, 2026 · Modified May 18, 2026

Description

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-41713
PACKAGE https://github.com/spring-projects/spring-ai
WEB https://spring.io/security/cve-2026-41713

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes