Vulnerabilities in Redis
49 resultsCVE-2025-49844CRITICALRedis Lua Use-After-Free may lead to remote code executionEPSS 86.3%CVE-2023-36824HIGHHeap overflow in COMMAND GETKEYS and ACL evaluation in RedisEPSS 74.8%CVE-2023-22458MEDIUMInteger overflow in multiple Redis commands can lead to denial-of-serviceEPSS 69.4%CVE-2022-36021MEDIUMRedis string pattern matching can be abused to achieve Denial of ServiceEPSS 59.7%CVE-2023-28425MEDIUMSpecially crafted MSETNX command can lead to denial-of-serviceEPSS 55.0%CVE-2022-24834HIGHHeap overflow issue with the Lua cjson library used by RedisEPSS 42.9%CVE-2021-32761HIGHInteger overflow issues with *BIT commands on 32-bit systemsEPSS 31.0%CVE-2021-32675HIGHDoS vulnerability in RedisEPSS 15.8%CVE-2021-32626HIGHLua scripts can overflow the heap-based Lua stack in RedisEPSS 15.1%CVE-2016-8339MEDIUMA buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulneEPSS 14.8%CVE-2022-35977MEDIUMInteger overflow in certain command arguments can drive Redis to OOM panicEPSS 11.8%CVE-2024-46981HIGHRedis' Lua library commands may lead to remote code executionEPSS 7.8%CVE-2025-62507HIGHRedis: Bug in XACKDEL may lead to stack overflow and potential RCEEPSS 6.4%CVE-2021-21309MEDIUMInteger overflow on 32-bit systemsEPSS 4.9%CVE-2024-31449HIGHLua library commands may lead to stack overflow and RCE in RedisEPSS 4.5%CVE-2021-32625HIGHRedis vulnerability in STRALGO LCS on 32-bit systemsEPSS 4.4%CVE-2021-29477HIGHVulnerability in the STRALGO LCS commandEPSS 4.2%CVE-2025-32023HIGHRedis allows out of bounds writes in hyperloglog commands leading to RCEEPSS 3.9%CVE-2021-32687HIGHInteger overflow issue with intsets in RedisEPSS 3.8%CVE-2025-46817HIGHLua library commands may lead to integer overflow and potential RCEEPSS 3.7%