1. Spring AI Chat Memory Component Exposed Users to Cross-Tenant Data Leak via Risky Default Setting
A high-severity vulnerability in Spring AI's chat memory component has been identified, carrying a CVSS score of 7.5. The flaw stems from a problematic default configuration that, when left unaddressed by developers, can expose conversation data between different users. This represents a classic case of secure-by-defau...