Computing

Critical Redis vulnerability: tens of thousands at risk of remote code execution attacks

The Redis security team has issued a warning to system administrators and cloud infrastructure providers after discovering a critical vulnerability that could allow threat actors to remotely hijack ...
CSOonline

New peer-to-peer worm infects Redis instances through Lua vulnerability

The worm, dubbed P2PInfect, works across platforms and is resistant to takedowns. It might be the first stage of a larger attack. Researchers have discovered a new worm that infects servers running ...
it-daily.net

Critical security vulnerability in Redis enables system takeover

Security firm Sysdig is warning about a critical security vulnerability in the widely used in-memory data store Redis. The flaw, tracked as CVE-2025-49844 and dubbed „RediShell“ by security ...
Dark Reading

P2P Self-Replicating Cloud Worm Targets Redis

Note: Article updated on 7-20-23 to add a statement from Redis. Researchers have identified a cross-platform, Rust-based, peer-to-peer (P2) worm that's targeting the Redis open-source database ...
heise online

Database Redis: Vulnerability allows execution of malicious code

The developers of the in-memory database Redis have closed a security vulnerability that allows attackers to execute arbitrary malicious code. The issue occurs from ...
The Hacker News

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Redis CVE-2026-23479 enables authenticated RCE; affecting versions since 7.2.0, patched May 5 to reduce exploitation risk.
Dark Reading

Patch Now: 'RediShell' Threatens Cloud Via Redis RCE

A 13-year-old vulnerability that affects all versions of the Redis open source data storage service can allow attackers to take full control of a host system, posing a significant threat to cloud ...