CVE-2026-25243
Published 2026-05-05
Priority P269 · high · CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 3.00% (85.7th percentile)
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead to remote code execution. A workaround is to restrict access to the RESTORE command with ACL rules. This is patched in version 8.6.3.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| boost | boost | — | — |
| redis | redis | < 8.6.3 | 8.6.3 |
| redis | redis | — | — |
| redis_6 | redis | — | — |
| redis_7 | redis | — | — |
Detection & IOCs (extracted from sources)
- Monitor for use of the RESTORE command by non-administrative or untrusted authenticated users, which is the attack vector for this vulnerability.
- Alert on Redis/Valkey RESTORE command execution from unexpected or low-privilege accounts; use ACL logs to detect unauthorized RESTORE usage.
- Watch for redis-server or valkey-server process crashes (SIGSEGV/invalid memory access), which may indicate exploitation attempts via crafted RESTORE payloads.
- Restrict the RESTORE command to highly trusted/administrative users via ACL rules as a workaround; unpatched instances up to version 8.6.3 are vulnerable.
- Default RHEL mitigations (SELinux, ASLR, NX stack) reduce but do not eliminate RCE risk; do not rely solely on OS-level mitigations.
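An added example (not code from Redis, Red Hat or any source quoted on this page) supporting the ACL workaround above: it evaluates `ACL LIST` lines and reports which enabled users can still run RESTORE. It assumes RESTORE belongs to the @keyspace, @write, @slow and @dangerous categories and that key patterns contain no parentheses; the sample lines are constructed.

```python
import re

# Assumption: ACL categories that contain RESTORE, per the Redis command reference.
RESTORE_CATEGORIES = {"all", "keyspace", "write", "slow", "dangerous"}

def _allows_restore(rules):
    """Apply command rules left to right, the order Redis evaluates them in."""
    allowed = False
    for rule in (r.lower() for r in rules):
        if rule == "allcommands":
            allowed = True
        elif rule == "nocommands":
            allowed = False
        elif rule[:2] in ("+@", "-@") and rule[2:] in RESTORE_CATEGORIES:
            allowed = rule[0] == "+"
        elif rule in ("+restore", "-restore"):
            allowed = rule[0] == "+"
    return allowed

def can_restore(acl_line):
    """True if an enabled user may run RESTORE via root rules or a selector."""
    selectors = re.findall(r"\(([^)]*)\)", acl_line)  # Redis 7+ selectors
    root = re.sub(r"\([^)]*\)", " ", acl_line).split()
    if len(root) < 2 or root[0] != "user":
        raise ValueError(f"not an ACL LIST line: {acl_line!r}")
    flags = [t for t in root[2:] if t in ("on", "off")]
    enabled = bool(flags) and flags[-1] == "on"
    return enabled and (_allows_restore(root[2:])
                        or any(_allows_restore(s.split()) for s in selectors))

def audit(acl_lines):
    """Return the names of users whose rules permit RESTORE."""
    return [line.split()[1] for line in acl_lines if can_restore(line)]

# Constructed sample of `ACL LIST` output (not taken from a real server).
SAMPLE = [
    "user default on nopass ~* &* +@all",
    "user app on #<sha256> ~app:* resetchannels -@all +@read +@write -@dangerous",
    "user migrator on #<sha256> ~* resetchannels -@all +restore +dump",
    "user legacy off #<sha256> ~* resetchannels +@all",
    "user report on #<sha256> ~r:* resetchannels -@all +@read (~tmp:* +restore)",
]

if __name__ == "__main__":
    for name in audit(SAMPLE):
        print(f"{name}: can run RESTORE")
```

Rule order matters: `+@all -restore` denies RESTORE, while `-@dangerous +@write` grants it again because RESTORE is also a write command.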
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 7.7 | HIGH | CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_redhat | — | 7.7 | HIGH | — |
VulDB
Redis up to 8.6.2 heap-based overflow (GHSA-c8h9-259x-jff4)
vuldb·2026-05-05·CVSS 7.7
CVE-2026-25243 [HIGH] Redis up to 8.6.2 heap-based overflow (GHSA-c8h9-259x-jff4)
A vulnerability classified as critical was found in Redis up to 8.6.2. The impacted element is an unknown function. Such manipulation leads to heap-based buffer overflow.
This vulnerability is traded as CVE-2026-25243. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
Red Hat
redis: RESTORE invalid memory access may allow remote code execution
vendor_redhat·2026-05-05·CVSS 7.7
CVE-2026-25243 [HIGH] CWE-122 redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitrary code execution.
Statement: To exploit this issue, an authenticated attacker with permission to execute the RESTORE command needs to send a specially crafted serialized payload to be processed by Redis, limiting its exposure to authenticated users. This allows the attacker to cause an invalid memory access, resulting in a denial of service or potentially in arbitrary code execution.
Default Red Hat Enterprise Linux security fe
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-25243 valkey: RESTORE invalid memory access may allow remote code execution [fedora-all]
bugzilla·2026-05-21·CVSS 7.7
CVE-2026-25243 [HIGH] CVE-2026-25243 valkey: RESTORE invalid memory access may allow remote code execution [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-25243 valkey: RESTORE invalid memory access may allow remote code execution [epel-all]
bugzilla·2026-05-21·CVSS 7.7
CVE-2026-25243 [HIGH] CVE-2026-25243 valkey: RESTORE invalid memory access may allow remote code execution [epel-all]
Bugzilla
CVE-2026-25243 redis: RESTORE invalid memory access may allow remote code execution
bugzilla·2026-05-05·CVSS 7.7
CVE-2026-25243 [HIGH] CVE-2026-25243 redis: RESTORE invalid memory access may allow remote code execution
Hackernews
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
blogs_hackernews·2026-06-08·CVSS 8.4
CVE-2025-48595 [HIGH] ⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
## ⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked.
A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone chased the loud stuff, quieter attackers sat in inboxes for months, reading mail and stealing it bit by bit.
Lots to cover. Grab coffee. Read up.
## ⚡ Threat of the Week
Miasma Worm Hits 73 Microsoft GitHub Repositories in Supply Chain
Rapid7
Patch Tuesday - May 2026
blogs_rapid7·2026-05-13·CVSS 10.0
CVE-2026-41089 [CRITICAL] Patch Tuesday - May 2026
Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.
## Windows Netlogon: critical RCE
Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges
- https://github.com/redis/redis/releases/tag/8.6.3
- https://github.com/redis/redis/security/advisories/GHSA-c8h9-259x-jff4
- https://access.redhat.com/errata/RHSA-2026:23229
- https://access.redhat.com/errata/RHSA-2026:25216
- https://access.redhat.com/errata/RHSA-2026:25219
- https://access.redhat.com/errata/RHSA-2026:25925
- https://access.redhat.com/errata/RHSA-2026:26008
- https://access.redhat.com/errata/RHSA-2026:26233
- https://access.redhat.com/errata/RHSA-2026:26306
- https://access.redhat.com/errata/RHSA-2026:26540
- https://access.redhat.com/errata/RHSA-2026:27716
- https://access.redhat.com/errata/RHSA-2026:27787
- https://access.redhat.com/errata/RHSA-2026:28139
- https://access.redhat.com/errata/RHSA-2026:28142
- https://access.redhat.com/errata/RHSA-2026:29817
- https://access.redhat.com/errata/RHSA-2026:33427
- https://access.redhat.com/security/cve/CVE-2026-25243
- https://bugzilla.redhat.com/show_bug.cgi?id=2466828
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25243.json