Security Advisory

CVE-2026-22730

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-18 07:36:30

Last updated 2026-03-19 03:55:21

Assigner vmware

State PUBLISHED

Description

A critical SQL injection vulnerability in Spring AIs MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.

← Browse all CVEs View on cve.org ↗