CVE-2026-23631

EUVD-2026-27398
Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remote code execution. A workaround is to prevent users from executing Lua scripts or avoid using replicas where replica-read-only is disabled. This is patched in version 8.6.3.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 8.1 HIGH | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |

EPSS Score
Percentile: 54%
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| redis | redis | 𝑥 < 8.6.3 |

𝑥 = Vulnerable software versions

openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| redis | suse enterprise server 15 SP6 | 7.2.4-150600.3.24.1 | fixed |
| redis7 | suse enterprise server 15 SP5 | 7.0.8-150500.3.31.1 | fixed |
| redis7 | suse enterprise server 15 SP6 | 7.0.8-150600.8.25.1 | fixed |
| valkey | suse enterprise sap 15 SP7 | 8.0.9-150700.3.17.1 | fixed |
| valkey | suse enterprise server 15 SP6 | 8.0.9-150600.13.23.1 | fixed |
| valkey | suse enterprise server 15 SP7 | 8.0.9-150700.3.17.1 | fixed |
| valkey-compat-redis | suse enterprise sap 15 SP7 | 8.0.9-150700.3.17.1 | fixed |
| valkey-compat-redis | suse enterprise server 15 SP6 | 8.0.9-150600.13.23.1 | fixed |
| valkey-compat-redis | suse enterprise server 15 SP7 | 8.0.9-150700.3.17.1 | fixed |
| valkey-devel | suse enterprise sap 15 SP7 | 8.0.9-150700.3.17.1 | fixed |
| valkey-devel | suse enterprise server 15 SP6 | 8.0.9-150600.13.23.1 | fixed |
| valkey-devel | suse enterprise server 15 SP7 | 8.0.9-150700.3.17.1 | fixed |

Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| valkey | RHEL 9 | 0:8.0.9-1.el9_8 | fixed |
| valkey-devel | RHEL 9 | 0:8.0.9-1.el9_8 | fixed |

Amazon Linux Releases

| Amazon Package | Release | Version | Status |
|---|---|---|---|
| valkey | Amazon Linux 2023 | 0:9.0.4-1.amzn2023.0.1 | fixed |
| valkey-debuginfo | Amazon Linux 2023 | 0:9.0.4-1.amzn2023.0.1 | fixed |
| valkey-debugsource | Amazon Linux 2023 | 0:9.0.4-1.amzn2023.0.1 | fixed |
| valkey-devel | Amazon Linux 2023 | 0:9.0.4-1.amzn2023.0.1 | fixed |

Azure Linux Releases

| Azure Package | Release | Version | Status |
|---|---|---|---|
| valkey | Azure Linux 3.0 | 0:8.0.9-1.azl3 | fixed |