CVE-2026-41863
published 2026-05-25CVE-2026-41863: Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a…
PriorityP342medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.40%
31.6th percentile
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories.
Affected versions:
Spring AI: 1.1.0 through 1.1.x
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| spring | spring_ai | 1.1.0 – 1.1.x | — |
| vmware | spring_ai | >= 1.1.0 < 1.1.7 | 1.1.7 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
cvelistv5v3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cc4m-mp48-x7qg: Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path
ghsa_unreviewed·2026-05-26
CVE-2026-41863 [MEDIUM] CWE-22 GHSA-cc4m-mp48-x7qg: Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories.
Affected versions:
Spring AI: 1.1.0 through 1.1.x
GHSA
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk
ghsa·2026-05-26
CVE-2026-41863 [MEDIUM] CWE-22 Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories.
Affected versions:
Spring AI: 1.1.0 through 1.1.7
VulDB
Vmware Spring AI up to 1.1.6 Anthropic Skills API Path.resolve path traversal (EUVD-2026-31638)
vuldb·2026-05-25
CVE-2026-41863 [CRITICAL] Vmware Spring AI up to 1.1.6 Anthropic Skills API Path.resolve path traversal (EUVD-2026-31638)
A vulnerability was found in Vmware Spring AI up to 1.1.6. It has been classified as critical. Affected by this vulnerability is the function Path.resolve of the component Anthropic Skills API Handler. Performing a manipulation results in path traversal.
This vulnerability is known as CVE-2026-41863. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is recommended.
CVEList
LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API
cvelistv5·2026-05-25·CVSS 6.5
CVE-2026-41863 [MEDIUM] CWE-22 LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API
LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories.
Affected versions:
Spring AI: 1.1.0 through 1.1.x
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-25
Published