A vulnerability categorized as critical has been discovered in VMware Spring AI up to 1.0.3/1.1.2 . Affected by this issue is some unknown functionality of the component MariaDBFilterExpressionConverter . Such manipulation leads to sql injection. This vulnerability is documented as CVE-2026-22730 . The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.