Lucene search
K

15 matches found

RedHat Linux
RedHat Linux
β€’added yesterdayβ€’6 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.7AI score0.01782EPSS
Exploits0References6
RedHat Linux
RedHat Linux
β€’added 2026/06/16 1:39 p.m.β€’7 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.5AI score0.01782EPSS
Exploits0References6
RedHat Linux
RedHat Linux
β€’added 2026/06/15 10:18 a.m.β€’11 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.5AI score0.01782EPSS
Exploits0References6
RedHat Linux
RedHat Linux
β€’added 2026/06/11 10:5 a.m.β€’7 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.6AI score0.01782EPSS
Exploits0References6
RedhatCVE
RedhatCVE
β€’added 2026/05/26 4:50 p.m.β€’10 views

CVE-2026-23631

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.7AI score0.01782EPSS
Exploits0References5
OSV
OSV
β€’added 2026/05/09 12:32 p.m.β€’12 views

OESA-2026-2237 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: When a blocked client is evicted while re-executing a blocked command, an authenticated user may trigger a use-after-free and...

8.8CVSS6.4AI score0.02995EPSS
Exploits4References4
OSV
OSV
β€’added 2026/05/07 8:42 a.m.β€’7 views

BIT-KEYDB-2026-23631 redis-server Lua use-after-free may allow remote code execution

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

8.8CVSS6.1AI score0.01782EPSS
Exploits0References3
SUSE CVE
SUSE CVE
β€’added 2026/05/07 2:22 a.m.β€’8 views

SUSE CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

7.5CVSS6.1AI score0.01782EPSS
Exploits0References12
OSV
OSV
β€’added 2026/05/05 5:17 p.m.β€’4 views

ALPINE-CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

8.1CVSS6.1AI score0.01782EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
β€’added 2026/05/05 4:39 p.m.β€’2 views

CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

6.1CVSS6.1AI score0.01782EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
β€’added 2026/05/05 4:39 p.m.β€’6 views

CVE-2026-23631 redis-server Lua use-after-free may allow remote code execution

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

6.1CVSS6.1AI score0.01782EPSS
Exploits0References2
Cvelist
Cvelist
β€’added 2026/05/05 4:39 p.m.β€’40 views

CVE-2026-23631 redis-server Lua use-after-free may allow remote code execution

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

6.1CVSS0.01782EPSS
Exploits0References2
CVE
CVE
β€’added 2026/05/05 4:39 p.m.β€’44 views

CVE-2026-23631

CVE-2026-23631 affects the Redis server when using Lua scripting. An authenticated attacker can abuse the master–replica synchronization to trigger a use-after-free on replicas with replica-read-only disabled (or that can be disabled), potentially enabling remote code execution. The issue is miti...

8.8CVSS6.1AI score0.01782EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
β€’added 2026/05/05 4:39 p.m.β€’11 views

CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

8.8CVSS6.1AI score0.01782EPSS
Exploits0
AlpineLinux
AlpineLinux
β€’added 2026/05/05 4:39 p.m.β€’4 views

CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...

8.8CVSS6.1AI score0.01782EPSS
Exploits0References11
Rows per page
Query Builder