CVE-2026-22730 | VMware Spring AI up to 1.0.3/1.1.2 MariaDBFilterExpressionConverter sql injection

A vulnerability categorized as critical has been discovered in VMware Spring AI up to 1.0.3/1.1.2. Affected by this issue is some unknown functionality of the component MariaDBFilterExpressionConverter. Such manipulation leads to sql injection.

This vulnerability is documented as CVE-2026-22730. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.