Skip to content
Threat Feed

Tag

Redis

2 briefs RSS
high advisory

Spring AI Redis Store TAG Injection Vulnerability (CVE-2026-22744)

CVE-2026-22744 is a code injection vulnerability in Spring AI's RedisFilterExpressionConverter which allows an attacker to inject arbitrary commands into RediSearch TAG blocks via unescaped user-controlled strings, affecting versions 1.0.0 before 1.0.5 and 1.1.0 before 1.1.4.

injection spring-ai redis
2r 1t
critical advisory

Multiple Vulnerabilities in Redis

Multiple vulnerabilities in Redis allow an attacker to execute arbitrary program code and perform a denial-of-service attack.

redis vulnerability code execution denial of service
2r 2t