PT-2026-37086 · Redis+1 · Redis-Server+2

Yoni Shiraz

·

Published

2026-05-05

·

Updated

2026-06-30

·

CVE-2026-23631

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions redis-server versions prior to 8.6.3
Description An authenticated attacker can exploit the master-replica synchronization mechanism in redis-server to trigger a use-after-free condition on replicas where the replica-read-only setting is disabled or can be disabled. This issue, which involves the Lua script interpreter, may lead to remote code execution.
Recommendations Update to version 8.6.3. Prevent users from executing Lua scripts as a temporary workaround. Avoid using replicas where replica-read-only is disabled.

Exploit

Fix

RCE

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2026:25219
ALSA-2026:25925
BDU:2026-06451
BIT-KEYDB-2026-23631
BIT-REDIS-2026-23631
BIT-VALKEY-2026-23631
CVE-2026-23631
GHSA-8GHH-QPMP-7826
OESA-2026-2237
OPENSUSE-SU-2026:10711-1
OPENSUSE-SU-2026:10719-1
OPENSUSE-SU-2026:20776-1
RHSA-2026:25216
RHSA-2026:25219
SUSE-SU-2026:1949-1
SUSE-SU-2026:1950-1
SUSE-SU-2026:2097-1
SUSE-SU-2026:2099-1
SUSE-SU-2026:2100-1
SUSE-SU-2026:21814-1

Affected Products

Redis
Rocky Linux
Redis-Server