CVE-2026-22729 — A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-con — CVE Database · The Intelligence Room