Executive Summary

CVE-2026-22744 is a high-severity vulnerability in the RedisFilterExpressionConverter component of the spring-ai-redis-store module in Spring AI versions 1.0.0 through 1.0.x and 1.1.0 through 1.1.x.

The issue occurs when a user-controlled string is passed as a filter value for a TAG field in a RediSearch query. The stringValue() method inserts this value directly into the RediSearch TAG block syntax (@field:{VALUE}) without properly escaping special characters.

Because of this lack of escaping, the query can become malformed or vulnerable to injection attacks.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow an attacker to craft malicious input that is directly inserted into RediSearch TAG queries without escaping, potentially leading to injection attacks or malformed queries.

The CVSS v3.1 base score is 7.5, indicating a high severity with a network attack vector, low attack complexity, no privileges required, and no user interaction needed.

The impact is primarily on confidentiality, meaning sensitive data could be exposed, but there is no impact on integrity or availability.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate the vulnerability in spring-ai-redis-store, you should upgrade to the fixed versions: 1.0.5 for the 1.0.x branch and 1.1.4 for the 1.1.x branch.

No additional mitigation steps are required beyond upgrading.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in RedisFilterExpressionConverter allows user-controlled strings to be inserted into RediSearch TAG blocks without proper escaping, which can lead to injection attacks and malformed queries.

This vulnerability has a high confidentiality impact, meaning sensitive data could potentially be exposed or accessed improperly.

Such exposure or unauthorized access to sensitive data could negatively affect compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls over confidentiality and data security.

Mitigation involves upgrading to fixed versions of the affected software, which is necessary to maintain compliance and reduce risk.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability affects the spring-ai-redis-store component of Spring AI versions from 1.0.0 before 1.0.5 and from 1.1.0 before 1.1.4. Detection involves identifying if these vulnerable versions are in use.

Since the issue arises from the RedisFilterExpressionConverter inserting unescaped user-controlled strings into RediSearch TAG queries, monitoring for unusual or malformed RediSearch TAG queries in logs or network traffic may help detect exploitation attempts.

No specific detection commands are provided in the available resources.

To detect the vulnerable version on your system, you can check the version of the spring-ai-redis-store dependency in your application. For example, if you have access to the application environment, you might run commands like:

• For Maven-based projects: mvn dependency:list | grep spring-ai-redis-store
• For Gradle-based projects: ./gradlew dependencies --configuration runtimeClasspath | grep spring-ai-redis-store

Additionally, inspecting application logs for RediSearch queries containing unescaped TAG field values might indicate attempts to exploit this vulnerability.

Useful 0 Not Useful 0