Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RockyLinux 10 : valkey (RLSA-2026:25216)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25216 advisory. redis: use-after-free in unblock client flow may allow remote code execution CVE-2026-23479 redis: Remote code execution via use-after-free in Lua...

redis security update

An update is available for redis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

RockyLinux 9 : redis (RLSA-2026:23229)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:23229 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...

Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

SUSE SLES15 Security Update : valkey (SUSE-SU-2026:1949-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1949-1 advisory. This update for valkey fixes the following issues - CVE-2026-23479: use-after-free in unblock client flow may lead to remote code...

Fedora 43 : valkey (2026-76cf27ea56)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-76cf27ea56 advisory. Version 8.1.7 Security fixes - CVE-2026-23479 Use-After-Free in unblock client flow - CVE-2026-25243 Invalid Memory Access in RESTORE command -...

OESA-2026-2237 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: When a blocked client is evicted while re-executing a blocked command, an authenticated user may trigger a use-after-free and...

redis-8.6.3-1.1 on GA media (moderate)

redis-8.6.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10711-1 Rating: moderate Cross-References: CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 CVE-2026-25588 CVE-2026-25589 CVSS scores: CVE-2026-23479 SUSE : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23479 SUSE : 7.7...

Linux Distros Unpatched Vulnerability : CVE-2026-25243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An...

ALPINE-CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

UBUNTU-CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...