March 18, 2026 vulnerability digest: Spring AI injection hits RAG, ONNX has no patch
by Artem Safonov
SQL injection meets RAG pipelines. Spring AI flaws turn chatbot queries into database commands. An unpatched ONNX bypass silences model trust checks. A CVSS 9.8 WordPress healthcare plugin leaks patient records with just an email address.
Read more →