Spring AI CosmosDBVectorStore Vulnerable to SQL Injection (CVE-2026-40978)
The National Vulnerability Database has published CVE-2026-40978, a SQL injection flaw in specific versions of Spring AI's CosmosDBVectorStore. An attacker who can submit specially crafted document IDs can inject query syntax and run attacker-chosen queries against the Azure Cosmos DB container behind the vector store. The NVD rates the impact on confidentiality, integrity and availability as high, so the data the vector store holds may be read or modified by an attacker.
Spring AI versions 1.0.0 through 1.0.5 and 1.1.0 through 1.1.4 are affected. The National Vulnerability Database assigns a CVSS base score of 8.8 (HIGH, not critical): the flaw is reachable over the network, has low attack complexity, and carries high impact on confidentiality, integrity and availability.
Defenders should upgrade affected Spring AI deployments to 1.0.6 or 1.1.5, the first fixed release of each line. Where an upgrade cannot be rolled out promptly, validate document IDs before they reach CosmosDBVectorStore, ideally against an allowlist of the exact format the application itself issues (for example UUIDs) rather than a denylist of SQL keywords; this reduces exposure but does not remove the flaw from the library. Reviewing Cosmos DB diagnostic logs and application logs for query shapes the application never generates can help surface exploitation attempts.
What This Means For You
- If your organization runs Spring AI's CosmosDBVectorStore in versions 1.0.0-1.0.5 or 1.1.0-1.1.4, upgrade to 1.0.6 or 1.1.5 immediately to close CVE-2026-40978. Review how document IDs are validated before they are passed to the vector store, and monitor your Cosmos DB account for unusual query activity.
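The following is an added example, not code from Spring AI or from this advisory, showing the two halves of the mitigation above: an allowlist check on document IDs, and why it matters. It assumes the application mints document IDs as UUIDs (adjust the pattern to your own format); the `build_query_unsafe` function is a constructed illustration of string concatenation, not the code inside CosmosDBVectorStore, and is shown beside a parameterized form of the same query.

```python
import re

# Added example (not Spring AI's code). Assumption: the application issues
# document IDs as UUIDs; replace the pattern with the format you actually mint.
UUID_RE = re.compile(
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.IGNORECASE
)


class InvalidDocumentId(ValueError):
    """Raised when a caller-supplied document ID fails the allowlist check."""


def validate_document_ids(ids):
    """Return the IDs unchanged if every one matches the allowlist, else raise.

    Allowlisting the exact format the application produces beats a denylist of
    SQL keywords: it rejects quotes, comment markers and anything else a crafted
    ID could carry without trying to enumerate attack strings. fullmatch() is
    used so a trailing newline or extra characters cannot slip past a '$' anchor.
    """
    checked = []
    for doc_id in ids:
        if not isinstance(doc_id, str) or UUID_RE.fullmatch(doc_id) is None:
            raise InvalidDocumentId(f"rejected document id: {doc_id!r}")
        checked.append(doc_id)
    return checked


def build_query_unsafe(doc_id):
    """Constructed vulnerable pattern: the ID is spliced into the query text.

    This is not the code in CosmosDBVectorStore; it shows how a crafted ID that
    closes the string literal changes the meaning of the WHERE clause.
    """
    return f"SELECT c.id FROM c WHERE c.id = '{doc_id}'"


def build_query_parameterized(doc_id):
    """Hardened form: fixed query text plus a separate parameter map.

    The value travels as data (Cosmos DB SDKs bind named parameters such as
    @id), so quotes inside it cannot terminate the literal or add predicates.
    """
    return "SELECT c.id FROM c WHERE c.id = @id", {"@id": doc_id}


if __name__ == "__main__":
    good = "123e4567-e89b-12d3-a456-426614174000"
    crafted = "x' OR 1=1 OR 'a'='a"  # constructed payload that keeps quotes balanced

    print(validate_document_ids([good]))
    print(build_query_unsafe(crafted))         # WHERE clause is now always true
    print(build_query_parameterized(crafted))  # payload stays inside the @id value
    try:
        validate_document_ids([good, crafted])
    except InvalidDocumentId as exc:
        print("blocked:", exc)
```

Apply the check at the boundary where IDs enter the application (the HTTP handler or service layer), so every path into the vector store is covered; the check is a stopgap for the library flaw, not a replacement for upgrading.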
Related ATT&CK Techniques
- T1190 Exploit Public-Facing Application (Initial Access)
🛡️ Detection Rules
```yaml
title: Spring AI CosmosDBVectorStore SQL Injection Attempt - CVE-2026-40978
id: scw-2026-04-28-ai-1
status: experimental
level: critical
description: |
  Detects attempts to exploit the SQL injection vulnerability (CVE-2026-40978)
  in Spring AI's CosmosDBVectorStore, where attacker-controlled document IDs
  are used to inject query syntax. The rule looks for common quote-breakout
  patterns, literal and URL-encoded, in the query string of requests to the
  endpoint that accepts document IDs. The path /cosmosdb/vectorstore is a
  placeholder: Spring AI does not expose such a route itself, so replace it
  with the application's own endpoint. Document IDs sent in a request body
  are not visible in web server access logs and need application-level logging.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-40978/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection_payload:
    cs-uri-query|contains:
      - "' OR "
      - "' OR 1=1 --"
      - "' OR 'a'='a' --"
      - "' OR 1=1 #"
      - "' OR 'a'='a' #"
      - "%27%20OR%20"
      - "%27+OR+"
  selection_uri:
    cs-uri|contains:
      - "/cosmosdb/vectorstore"
  condition: selection_payload and selection_uri
falsepositives:
  - Legitimate administrative activity
  - Free-text parameters that legitimately contain a single quote followed by OR
```
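To see what the rule above actually catches and misses, here is an added example, not part of the original advisory, that runs the same logic over a handful of constructed access log lines. It assumes a W3C-style line format (date, time, client IP, method, URI stem, URI query, status) and the same placeholder endpoint as the rule; both are assumptions to adapt to your own logs.

```python
import urllib.parse

# Assumption for this example: the route that accepts document IDs. The Sigma
# rule uses the same placeholder; substitute the application's real path.
ENDPOINT = "/cosmosdb/vectorstore"

# Quote-breakout patterns from the Sigma rule, matched against the decoded query
# string so that literal and URL-encoded payloads are handled by one list.
PATTERNS = ("' OR ", "' OR 1=1 --", "' OR 'a'='a' --", "' OR 1=1 #", "' OR 'a'='a' #")

# Constructed sample log (date time c-ip cs-method cs-uri-stem cs-uri-query sc-status).
# "-" marks an empty query string. These lines are made up for the example.
SAMPLE_LOG = """\
2026-04-28 12:20:01 203.0.113.7 DELETE /cosmosdb/vectorstore id=123e4567-e89b-12d3-a456-426614174000 204
2026-04-28 12:20:05 203.0.113.7 DELETE /cosmosdb/vectorstore id=x%27%20OR%201%3D1%20-- 500
2026-04-28 12:20:09 198.51.100.4 GET /health - 200
2026-04-28 12:20:11 203.0.113.9 GET /search q=%27%20OR%20%27a%27%3D%27a%27%20%23 200
"""


def parse_line(line):
    """Split one access log line into the fields the rule needs."""
    date, time, c_ip, method, stem, query, status = line.split(" ", 6)
    return {
        "time": f"{date} {time}",
        "c_ip": c_ip,
        "method": method,
        "cs_uri_stem": stem,
        # Decode after splitting: encoded payloads contain no raw spaces, but
        # decoded ones may, and matching must happen on the decoded text.
        "cs_uri_query": "" if query == "-" else urllib.parse.unquote_plus(query),
        "status": int(status),
    }


def matches_rule(entry, endpoint=ENDPOINT):
    """Mirror the Sigma condition: a payload pattern in the query AND the endpoint in the path."""
    hit_payload = any(p in entry["cs_uri_query"] for p in PATTERNS)
    hit_uri = endpoint in entry["cs_uri_stem"]
    return hit_payload and hit_uri


def scan(log_text, endpoint=ENDPOINT):
    """Return the parsed entries that trigger the rule, in log order."""
    entries = (parse_line(line) for line in log_text.splitlines() if line.strip())
    return [entry for entry in entries if matches_rule(entry, endpoint)]


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"{hit['time']} {hit['c_ip']} {hit['method']} {hit['cs_uri_stem']} "
              f"status={hit['status']} query={hit['cs_uri_query']!r}")
```

Only the second line fires: the fourth carries the same kind of payload but against `/search`, which the path filter excludes. That filter keeps noise down, but it also means the rule is blind to the identical payload on any other route and to IDs submitted in a request body, so pair it with a broader web SQLi rule and with application logging of rejected document IDs.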
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-40978 | Affected versions | Spring AI 1.0.0 - 1.0.5 |
| CVE-2026-40978 | Affected versions | Spring AI 1.1.0 - 1.1.4 |
| CVE-2026-40978 | Affected component | CosmosDBVectorStore |
| CVE-2026-40978 | Attack vector | Crafted document IDs (SQL injection) |
The source publishes no network or file indicators for this CVE; the entries above identify exposure, not compromise.
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 12:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.