Topic: redis vulnerability

Sort by: Relevance | Date
  • 60,000 Redis Servers Exposed by Critical Security Flaw
    October 13, 2025

    60,000 Redis Servers Exposed by Critical Security Flaw

    A critical vulnerability (CVE-2025-49844) in Redis, rated 10.0 in severity, allows attackers to gain full control over servers by exploiting a flaw in the Lua scripting engine that has existed for 13 years. Approximately 60,000 publicly accessible Redis servers with no authentication are at direc...

    Read More »
  • Critical Redis Flaw Exposes Thousands of Instances
    October 8, 2025

    Critical Redis Flaw Exposes Thousands of Instances

    A critical security vulnerability (CVE-2025-49844) in Redis allows authenticated attackers to execute remote code via a use-after-free flaw in Lua scripting, posing a severe risk to systems. The flaw affects a vast number of organizations due to Redis's widespread use in cloud environments, and i...

    Read More »
  • Urgent Redis Update Fixes Critical RCE Vulnerability
    October 8, 2025

    Urgent Redis Update Fixes Critical RCE Vulnerability

    A critical use-after-free vulnerability (CVE-2025-49844) in Redis's Lua scripting allows authenticated attackers to execute arbitrary code on the host server, affecting versions 8.2.1 and earlier. The flaw is exacerbated by default configurations in Redis container images that disable authenticat...

    Read More »

Related Topics

cloud security (106) lua scripting (3) remote code execution (71) security recommendations (50) lateral movement (37) authentication bypass (22) malware deployment (13) use-after-free (2)