com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.5)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321395...

org.springframework.ai:spring-ai-starter-vector-store-redis (>=1.1.0 <=1.1.3) potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.1.0-M1 <=1.1.3)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.3 Source cves: CVE-2026-22744 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791529...

com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.4)

org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-22744 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791529...

Spring AI Redis Store has TAG Field Query Injection Through Improper Neutralization of Special Characters

In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before...

GHSA-44F4-GVWJ-6QG3 Spring AI Redis Store has TAG Field Query Injection Through Improper Neutralization of Special Characters

In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue inserts the value directly into the @field:VALUE RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before...