CVE ID :CVE-2026-22742 Published : March 27, 2026, 6:16 a.m. | 1 hour, 21 minutes ago Description :Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests to unintended internal or external destinations. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...