AlmaLinux 9 : redis (ALSA-2026:23229)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:23229 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...

TencentOS Server 4: redis (TSSA-2026:0403)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0403 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

RHEL 9 : redis (RHSA-2026:23229)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23229 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

SUSE SLES15 Security Update : redis (SUSE-SU-2026:2098-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2098-1 advisory. This update for redis fixes the following issue - CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialize...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A vulnerability exists starting from version 2.2, and is related to out-of-bounds reads and integer overflow leading to buffer overflow. This vulnerability is present in versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, the Redis BIT...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. A user with sufficient privileges can create a malformed ACL selector, which, when accessed, triggers a server panic and subsequent denial of service. This issue has been fixed in Redis 7.2.7 and 7.4.2...

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. A authenticated user may use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution. This issue has been fixed in versions 7.4.2, 7.2.7, and 6.2.17. An additional...

CVE-2026-23479

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

TencentOS Server 4: redis (TSSA-2026:0218)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0218 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

PT-2026-39715

Name of the Vulnerable Software and Affected Versions Inbox Zero versions prior to 2.29.3 Description The cleaner email stream endpoint used a shared Redis subscription listener. This configuration could result in thread events for one authenticated account being delivered to another authenticate...

Linux Distros Unpatched Vulnerability : CVE-2026-23479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from...

Linux Distros Unpatched Vulnerability : CVE-2026-23631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica...

CVE-2026-25243 redis-server RESTORE invalid memory access may allow remote code execution

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

Security Bulletin: Vulnerability in Redis affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Redis has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk.Authenticated users can trigger a denial-of-service attack by using specially crafted, overly long pattern matching on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matchi...

Astra Linux – Vulnerability in Redis

Redis is an open-source, in-memory database that persists data on disk. In affected versions of Redis, a integer overflow bug in the 32-bit Redis version 4.0 or newer can be exploited to corrupt the heap, potentially leading to remote code execution. Redis 4.0 or newer includes a configurable lim...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. A specially crafted XAUTOCLAIM command on a stream key in a specific state may lead to a heap overflow, and potentially remote code execution. This issue affects versions on the 7.x branch prior to 7.0.4. The patch is released in version...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users who issue specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, leading to a runtime assertion and termination of the Redis server process. This issue affects all Redis...

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users can issue HRANDFIELD or ZRANDMEMBER commands with specially crafted arguments to trigger a denial-of-service attack, causing Redis to crash due to an assertion failure. This vulnerability affects Redis versions 6.2 or...