Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

8 matches found

GithubExploit
GithubExploitβ€’added yesterdayβ€’21 views

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

8.8CVSS6.3AI score0.00119EPSS
Exploits3
RedhatCVE
RedhatCVEβ€’added 2026/05/15 6:49 p.m.β€’4 views

CVE-2026-23479

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS5.9AI score0.00119EPSS
Exploits3References5
OSV
OSVβ€’added 2026/05/14 2:43 a.m.β€’1 views

MGASA-2026-0134 Updated redis packages fix security vulnerabilities

CVE-2026-23479 Use-After-Free in unblock client flow may lead to Remote Code Execution. CVE-2026-25243 Invalid memory access in RESTORE may lead to Remote Code Execution CVE-2026-23631 Lua Use-After-Free may lead to remote code execution A user can manipulate data read by a connection by injectin...

8.8CVSS6.1AI score0.00308EPSS
Exploits3References5
Positive Technologies
Positive Technologiesβ€’added 2026/05/07 12:0 a.m.β€’5 views

PT-2026-38482

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.00119EPSS
Exploits3References4
Positive Technologies
Positive Technologiesβ€’added 2026/05/07 12:0 a.m.β€’5 views

PT-2026-38467

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

8.8CVSS6.1AI score0.00119EPSS
Exploits3References4
CVE
CVEβ€’added 2026/05/05 4:36 p.m.β€’36 views

CVE-2026-23479

Redis server 7.2.0–8.6.3 is affected by a use-after-free in the unblock client flow when re-executing a blocked command if an error return from processCommandAndResetClient isn’t handled. If a blocked client is evicted during this path, an authenticated attacker could potentially achieve remote c...

8.8CVSS6.1AI score0.00119EPSS
Exploits3References2Affected Software1
Vulnrichment
Vulnrichmentβ€’added 2026/05/05 4:36 p.m.β€’2 views

CVE-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

7.7CVSS6.1AI score0.00119EPSS
Exploits3References2
Cvelist
Cvelistβ€’added 2026/05/05 4:36 p.m.β€’33 views

CVE-2026-23479 redis-server use-after-free in unblock client flow may allow remote code execution

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger...

7.7CVSS0.00119EPSS
Exploits3References2
Rows per page
Query Builder