CVE-2026-40966 — In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conve — CVE Database · The Intelligence Room