CVE-2026-41863 | Vmware Spring AI up to 1.1.6 Anthropic Skills API Path.resolve path traversal

Inserito da Angelo Barbosa | Mag 25, 2026 | CVE

A vulnerability was found in Vmware Spring AI up to 1.1.6. It has been classified as critical. Affected by this vulnerability is the function Path.resolve of the component Anthropic Skills API Handler. Performing a manipulation results in path traversal.

This vulnerability is known as CVE-2026-41863. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-41863 | Vmware Spring AI up to 1.1.6 Anthropic Skills API Path.resolve path traversal

Post correlati

CVE-2024-3315 | SourceCodester Computer Laboratory Management System 1.0 classes/user.php id sql injection

CVE-2024-30620 | Tenda AX1803 1.0.0.1 /goform/AdvSetMacMtuWan fromAdvSetMacMtuWan serviceName stack-based overflow

CVE-2025-26520 | Cacti up to 1.2.29 host_templates.php template graph_template sql injection

CVE-2023-47464 | GL.iNET AX1800 up to 4.4.x Upload API permission