redis News Articles
Recent news articles refferecing the vendors vulnerabilities.
CPO MagazineCVE-2025-49844Redis Critical Vulnerability Exposes over 60,000 Instances to RCE and Host Take Over - CPO Magazine
Security researchers at Wiz Research have discovered a critical vulnerability in the Redis in-memory database that could allow an attacker to gain remote code execution (RCE) capabilities and take over the host.
1 week ago
PoC Released for Critical Lua Engine Vulnerabilities
A recent security audit of Redis 7.4.5 uncovered three severe flaws in the embedded Lua interpreter.
2 weeks ago
PoC Exploit Released for Critical Vulnerabilities in Lua Engine
A new proof-of-concept exploit has been released for three severe vulnerabilities in the Lua scripting engine used by Redis 7.4.5.
2 weeks ago
Security AffairsCVE-2025-49844Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution
Redis warns of CVE-2025-49844, a Lua script flaw enabling RCE via use-after-free. Attackers need authenticated access to exploit it.
2 weeks ago
Help Net SecurityCVE-2025-49844Redis patches critical "RediShell" RCE vulnerability, update ASAP! (CVE-2025-49844) - Help Net Security
Redis has released patches for a critical vulnerability (CVE-2025-49844) that may allow attackers full access to the underlying host system.
2 weeks ago
Cyber PressCVE-2025-49844Redis Use-After-Free Vulnerability Enables Remote Code Execution
A critical security vulnerability has been discovered in Redis Server that allows authenticated attackers to achieve remote code execution
2 weeks ago
GBHackers NewsCVE-2025-49844Redis Server Use-After-Free Vulnerability Allows Remote Code Execution
A security vulnerability has been discovered in Redis Server that could allow authenticated attackers to achieve remote code execution.
2 weeks ago
Patch Now: ‘RediShell’ Threatens Cloud Via Redis RCE
A 13-year-old flaw with a CVSS score of 10 in the popular data storage service allows for full host takeover; more than 300k instances currently exposed.
2 weeks ago
The Hacker NewsCVE-2025-4984413-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis fixes 13-year CVSS 10 flaw allowing Lua script-based remote code execution in all versions.
2 weeks ago
Critical Vulnerability Puts 60,000 Redis Servers at Risk of Exploitation
A critical-severity vulnerability that lingered in Redis for 13 years potentially exposes 60,000 servers to exploitation.
2 weeks ago
Critical 9.9 Redis vulnerability enables remote code execution
Crafted Lua scripts could be used to trigger a use-after-free flaw in affected instances.
2 weeks ago
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.
2 weeks ago