CSOonline

10.0-severity RCE flaw puts 60,000 Redis instances at risk

The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary code on the underlying server. The popular Redis in-memory data store ...
TechRadar

Redis warns major security flaw could be impacting thousands of instances - so patch now

Redis patches CVE-2025-49844, a critical bug enabling remote code execution via Lua script abuse Vulnerability had existed for 13 years; affects versions 8.2.1 and below, now fixed in 8.2.2 Over ...
Dark Reading

Patch Now: 'RediShell' Threatens Cloud Via Redis RCE

A 13-year-old vulnerability that affects all versions of the Redis open source data storage service can allow attackers to take full control of a host system, posing a significant threat to cloud ...