Spring AI Redis Store TAG Injection Vulnerability (CVE-2026-22744)
CVE-2026-22744 is a code injection vulnerability in Spring AI's RedisFilterExpressionConverter that allows an attacker to inject arbitrary commands into RediSearch TAG blocks via unescaped user-controlled strings. It affects versions 1.0.0 before 1.0.5 and 1.1.0 before 1.1.4.
CVE-2026-22744 is a critical vulnerability found within the RedisFilterExpressionConverter of the Spring AI Redis Store. The vulnerability arises because the stringValue() function directly inserts user-supplied strings into the @field:{VALUE} RediSearch TAG block without proper sanitization or escaping. This allows an attacker to inject arbitrary commands or data into the Redis database if they can control the input used as a filter value for a TAG field. This vulnerability affects…
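The following is an added illustration, not code from Spring AI, of the missing step the advisory describes: a filter value dropped verbatim into `@field:{VALUE}` can close the TAG block, whereas escaping RediSearch's syntax characters keeps it inside. The `SPECIAL` character set is an assumption drawn from RediSearch's documented TAG query syntax, and the actual remediation remains upgrading to 1.0.5 or 1.1.4.

```java
public final class TagFilterExample {

    // Characters RediSearch treats as query syntax; each gets a leading
    // backslash. Assumed set, check it against your RediSearch version.
    private static final String SPECIAL = ",.<>{}[]\"':;!@#$%^&*()-+=~|/\\ ";

    // Vulnerable pattern: the value is interpolated without escaping.
    static String unescapedTagFilter(String field, String value) {
        return "@" + field + ":{" + value + "}";
    }

    // Hardened pattern: escape every syntax character before interpolating.
    static String escapeTagValue(String value) {
        StringBuilder sb = new StringBuilder(value.length() * 2);
        for (char c : value.toCharArray()) {
            if (SPECIAL.indexOf(c) >= 0) {
                sb.append('\\');
            }
            sb.append(c);
        }
        return sb.toString();
    }

    static String escapedTagFilter(String field, String value) {
        return "@" + field + ":{" + escapeTagValue(value) + "}";
    }

    // Defender-side check: a single TAG filter should contain exactly one
    // unescaped '{' and one unescaped '}'. Backslash-escaped braces are skipped.
    static boolean staysInsideTagBlock(String expr) {
        int open = 0, close = 0;
        for (int i = 0; i < expr.length(); i++) {
            char c = expr.charAt(i);
            if (c == '\\') { i++; continue; }      // skip the escaped char
            if (c == '{') open++;
            if (c == '}') close++;
        }
        return open == 1 && close == 1;
    }

    public static void main(String[] args) {
        String hostile = "red} {blue";            // constructed sample input
        String bad = unescapedTagFilter("color", hostile);
        String good = escapedTagFilter("color", hostile);
        System.out.println(bad + "  -> single block? " + staysInsideTagBlock(bad));   // false
        System.out.println(good + "  -> single block? " + staysInsideTagBlock(good)); // true
    }
}
```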
Detection coverage (2 rules)
Detect Potential Redis Injection Attempts via Web Request
Severity: high. Detects suspicious web requests that may be attempting to inject Redis commands through filter parameters targeting Spring AI applications.
Detect RediSearch TAG Injection in Web Logs
Severity: high. This rule detects potential RediSearch TAG injection attempts by monitoring web server logs for specific patterns indicative of command injection.