Skip to content
CVSS 8.1 · HIGH

CVE-2026-23631

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remote code execution. A workaround is to prevent users from executing Lua scripts or avoid using replicas where replica-read-only is disabled. This is patched in version 8.6.3.

Ver en NVD

Análisis

Redis is vulnerable to a use-after-free flaw in its master-replica synchronization mechanism when using Lua scripts. An authenticated attacker can trigger remote code execution on replicas where read-only mode is disabled. To mitigate this risk, update to version 8.6.3 or ensure your replicas are set to read-only.

Severidad

Puntaje: 8.1(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: NONE
I: HIGH
A: HIGH
Tipo de falla (CWE): CWE-416

EPSS

Probabilidad de explotación (próx. 30 días): 0.0010 (0.1%)
Percentil: 27.8%
EPSS: 2026-05-06

Afecta

redis:redis

Descripción técnica

Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remote code execution. A workaround is to prevent users from executing Lua scripts or avoid using replicas where replica-read-only is disabled. This is patched in version 8.6.3.

Publicada: 5/5/2026, 17:17:03
Última modificación: 6/5/2026, 16:14:21

Referencias

InicioEventosBlogRecursosEquipo