Redis recently released a security advisory regarding CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...

A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can let an authenticated user trigger remote code execution.… For anyone using Redis Cloud, the service has ...

A critical security flaw in Redis, a popular in-memory database platform used by about 75% of cloud environments, has left an estimated 60,000 servers vulnerable to remote exploitation. The flaw, ...

Redis patches CVE-2025-49844, a critical bug enabling remote code execution via Lua script abuse Vulnerability had existed for 13 years; affects versions 8.2.1 and below, now fixed in 8.2.2 Over ...

The Redis security team has issued a warning to system administrators and cloud infrastructure providers after discovering a critical vulnerability that could allow threat actors to remotely hijack ...

The worm, dubbed P2PInfect, works across platforms and is resistant to takedowns. It might be the first stage of a larger attack. Researchers have discovered a new worm that infects servers running ...

The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary code on the underlying server. The popular Redis in-memory data store ...

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote ...