Spring AI 2.0.0 Reaches General Availability
Spring AI 2.0.0 is now generally available on Maven Central, marking the stable release of Spring's AI application framework rebuilt on top of Spring Boot 4.0/4.1 and Spring Framework 7.0. This is a hard dependency bump — teams still on Spring Boot 3.x will need to complete that migration before adopting Spring AI 2.0.
The release brings several structural changes. JSON handling has moved to Jackson 3, with a new JsonHelper class for customization, and the codebase is now annotated throughout with JSpecify null-safety annotations to catch optional-vs-mandatory value mistakes at compile time. Configuration objects have been refactored to use immutable builders with consistent defaults and reflection-free merging. On the model side, Spring AI now ships first-party integrations for OpenAI, Anthropic, Amazon Bedrock, Google GenAI, Mistral AI, DeepSeek, and Ollama, while Oracle and Microsoft integrations move to externally maintained modules.
The biggest architectural change is to tool execution: tool calling is now a first-class part of the advisor chain rather than being baked into each ChatModel. New advisors include ToolCallingAdvisor for automatic tool-call round trips, ToolSearchToolCallingAdvisor for progressively managing hundreds of available tools without overwhelming the model's context, and StructuredOutputValidationAdvisor, which can automatically retry when a model's JSON output fails validation.
Model Context Protocol support also graduates from an experimental module to Spring AI core, shipping with MCP Java SDK 2.0.0 (compliant with the November 25, 2025 MCP specification). A Spring Boot 4 application can now act as both an MCP client and an MCP server out of the box, using a new annotation-driven model (@McpTool, @McpResource, @McpPrompt). Streamable HTTP replaces SSE as the default transport, and the integration includes full OpenTelemetry observability plus OAuth 2.0 security for MCP endpoints.
Read more — Spring Blog
Spring for GraphQL Patches Three High-Severity CVEs
The Spring for GraphQL team released versions 1.4.6 and 2.0.4, both maintenance releases focused on security. Together they address three CVEs rated "High" severity:
- CVE-2026-41699 — an unsafe deserialization vulnerability
- CVE-2026-41700 — a cross-site WebSocket hijacking flaw
- CVE-2026-41856 — an annotation detection vulnerability
Given the severity rating across all three issues, any application using Spring for GraphQL should upgrade promptly. Notably, 1.4.6 is described as the final OSS release of the 1.4.x line — the project is steering users toward the 2.0.x generation going forward, so teams still on 1.4.x should treat this as a prompt to plan their move to 2.0 rather than continuing to receive patches on the older branch. Both versions are available now from Maven Central, and commercial support for organizations needing extended assistance remains available through enterprise.spring.io.
Read more — Spring Blog
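A check for the upgrade advice above, added here as an example and not taken from the Spring Blog or the Spring for GraphQL project: it reads `mvn dependency:tree` output and flags Spring for GraphQL artifacts that predate the fix releases named in the article (1.4.6 and 2.0.4). The article does not spell out the Maven coordinates; the `org.springframework.graphql` group id, the sample tree, and the status labels are assumptions of this example.

```python
import re

# Fix releases named in the article, keyed by release line (major, minor).
FIXED = {(1, 4): (1, 4, 6), (2, 0): (2, 0, 4)}

# A Spring for GraphQL coordinate as printed by `mvn dependency:tree`
# (group:artifact:type:version:scope). The group id is an assumption of this
# example; the article does not list coordinates.
COORD = re.compile(
    r"org\.springframework\.graphql:(spring-graphql[\w-]*):[\w-]+:"
    r"(\d+)\.(\d+)\.(\d+)([^:\s]*)"
)

# Constructed sample output, not taken from a real project.
SAMPLE_TREE = """\
[INFO] com.example:shop-api:jar:0.1.0
[INFO] +- org.springframework.boot:spring-boot-starter-graphql:jar:3.5.0:compile
[INFO] |  \\- org.springframework.graphql:spring-graphql:jar:1.4.5:compile
[INFO] \\- org.springframework.graphql:spring-graphql-test:jar:1.4.6:test
"""


def status(version, qualifier):
    """Classify one version against the fix release of its own line."""
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The article names no fix release for this line (e.g. 1.3.x).
        return "no-fix-named"
    # A qualified build of the fix version (SNAPSHOT, RC) sorts before the release.
    if version < fixed or (version == fixed and qualifier):
        return "predates-fix"
    return "ok"


def audit(tree_text):
    """Return (artifact, version, status) for every Spring for GraphQL artifact."""
    findings = []
    for m in COORD.finditer(tree_text):
        version = tuple(int(m.group(i)) for i in (2, 3, 4))
        qualifier = m.group(5)
        shown = ".".join(map(str, version)) + qualifier
        findings.append((m.group(1), shown, status(version, qualifier)))
    return findings


if __name__ == "__main__":
    for artifact, version, state in audit(SAMPLE_TREE):
        print(f"{state:13} {artifact} {version}")
```

Versions are compared as integer tuples, so 2.0.10 sorts after 2.0.4. A `no-fix-named` result means the article lists no patched release for that line, not that the line is unaffected.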