PT-2026-37086 · Redis+1 · Redis-Server+2

Yoni Shiraz · Published 2026-05-05 · Updated 2026-06-11 · CVE-2026-23631

CVSS v2.0: 8.5 (High)
Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions
redis-server versions prior to 8.6.3

Description
An authenticated attacker can abuse the master-replica synchronization mechanism in redis-server to trigger a use-after-free on a replica whose replica-read-only setting is disabled, or which the attacker can switch to writable (replica-read-only is a runtime-settable directive, so CONFIG SET access is enough). The bug involves the Lua script interpreter and may lead to remote code execution on the replica.

Recommendations
Update to version 8.6.3. As a temporary workaround, prevent users from executing Lua scripts (for example by denying the scripting commands through ACLs). Do not run replicas with replica-read-only disabled, and restrict who can change that setting.
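The workaround described above can be checked against an instance's on-disk configuration. The script below is an added example written for this page; it is not part of the advisory and not Redis project code. It parses a constructed redis.conf and users.acl with a simplified model of ACL rule evaluation (rules applied left to right; only the command categories needed for the check are modelled, and a `+cmd|subcmd` rule is collapsed to its base command) and flags three things: a replica running with `replica-read-only no`, any enabled user who can still run the `@scripting` commands, and any user on a read-only replica who can run `CONFIG` and so could re-enable writes. The sample configuration files, the category contents and all function names are assumptions made for the example.

```python
"""Audit redis.conf and users.acl for the CVE-2026-23631 workaround.

Added example, not Redis project code. The ACL evaluation is a simplified
model: it handles allcommands/nocommands, +/-@category and +/-command in
order and knows only the categories this check needs.
"""

# Assumption: partial category contents, enough for this check. Real Redis
# categories are larger; consult ACL CAT on the target version.
CATEGORIES = {
    "scripting": {"eval", "evalsha", "eval_ro", "evalsha_ro",
                  "fcall", "fcall_ro", "function", "script"},
    "admin": {"config", "acl", "shutdown", "debug"},
    "dangerous": {"config", "acl", "shutdown", "debug", "flushall", "flushdb"},
}
ALL_KNOWN = set().union(*CATEGORIES.values())


def allowed_commands(rules):
    """Subset of ALL_KNOWN a user may run after applying rules left to right.
    Non-command rules (on/off, >password, ~pattern, &channel, ...) are ignored."""
    allowed = set()
    for rule in rules:
        if rule in ("allcommands", "+@all"):
            allowed = set(ALL_KNOWN)
        elif rule in ("nocommands", "-@all", "reset"):
            allowed = set()
        elif rule.startswith(("+@", "-@")):
            cat = CATEGORIES.get(rule[2:].lower(), set())
            allowed = allowed | cat if rule[0] == "+" else allowed - cat
        elif rule.startswith(("+", "-")):
            # "+config|get" style rules are collapsed to the base command (simplification)
            cmd = rule[1:].split("|", 1)[0].lower()
            if rule[0] == "+":
                allowed.add(cmd)
            else:
                allowed.discard(cmd)
    return allowed


def parse_acl_file(text):
    """Return [(username, rules)] for each 'user <name> <rules...>' line."""
    users = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "user":
            users.append((parts[1], parts[2:]))
    return users


def parse_conf(text):
    """Return {directive: value} for a redis.conf, ignoring blank and comment lines."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        conf[key.lower()] = value.strip()
    return conf


def audit(conf_text, acl_text):
    """Return a list of finding strings; an empty list means the workaround holds."""
    findings = []
    conf = parse_conf(conf_text)
    is_replica = "replicaof" in conf or "slaveof" in conf
    read_only = conf.get("replica-read-only", conf.get("slave-read-only", "yes")).lower()
    if is_replica and read_only == "no":
        findings.append("replica has replica-read-only no")
    for user, rules in parse_acl_file(acl_text):
        if "off" in rules:
            continue  # disabled users cannot authenticate
        cmds = allowed_commands(rules)
        if cmds & CATEGORIES["scripting"]:
            findings.append(f"user {user} can run scripting commands")
        if is_replica and read_only != "no" and "config" in cmds:
            findings.append(f"user {user} can CONFIG SET replica-read-only no")
    return findings


# Constructed sample input for the example (not from a real deployment):
# a writable replica whose default user keeps full command access.
WEAK_CONF = "replicaof 10.0.0.5 6379\nreplica-read-only no\n"
WEAK_ACL = ("user default on nopass ~* &* +@all\n"
            "user app on >s3cret ~app:* +@all -@scripting -@dangerous\n"
            "user ops off >x +@all\n")
# Corrected counterpart: read-only replica, default user disabled, scripting denied.
HARDENED_CONF = "replicaof 10.0.0.5 6379\nreplica-read-only yes\n"
HARDENED_ACL = ("user default off\n"
                "user app on >s3cret ~app:* +@all -@scripting -@dangerous\n")

if __name__ == "__main__":
    for finding in audit(WEAK_CONF, WEAK_ACL):
        print("FINDING:", finding)
    print("hardened findings:", audit(HARDENED_CONF, HARDENED_ACL))
```

Run it against the real files exported from the instance; anything `allowed_commands` reports for a user is a lower bound, since the category model is partial, so treat an empty result as a prompt to confirm with `ACL LIST` on the server rather than as proof.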

Tags: Exploit · Fix · RCE · Use After Free


Weakness Enumeration

Related Identifiers

ALSA-2026:25219
BDU:2026-06451
BIT-KEYDB-2026-23631
BIT-REDIS-2026-23631
BIT-VALKEY-2026-23631
CVE-2026-23631
OESA-2026-2237
OPENSUSE-SU-2026:10711-1
OPENSUSE-SU-2026:10719-1
RHSA-2026:25216
RHSA-2026:25219

Affected Products

Redis
Rocky Linux
Redis-Server