URL has been copied successfully!
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely


Tags: , , , , , ,

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances.The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0.”An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free,

First seen on thehackernews.com

Jump to article: thehackernews.com/2025/10/13-year-redis-flaw-exposed-cvss-100.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 12 ways hackers broke into your systems in 2024
  2. Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
  3. A pickle in Meta’s LLM code could allow RCE attacks
  4. 13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely