The Register on MSN
Level-10 vuln lurking in Redis source code for 13 years could allow remote code execution
No evidence of exploitation … yet A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can ...
Overview Recently, NSFOCUS CERT detected that Redis issued a security bulletin and fixed the Redis Lua code execution vulnerability (CVE-2025-49844); Because Redis’s Lua script engine has a ...
"The combination of widespread deployment, default insecure configurations, and the severity of the vulnerability creates an urgent need for immediate remediation. Organizations must prioritize ...
The Redis security team has issued a warning to system administrators and cloud infrastructure providers after discovering a ...
A critical-severity vulnerability that lingered in Redis for 13 years potentially exposes 60,000 servers to exploitation.
Dynamic languages have proved invaluable to improving fast and agile development, most notably for Web development and system administration. Lua is a language that fits in this space. Dynamic ...
The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary ...
Try running this:<BR><pre class="ip-ubbcode-code-pre">lua -e 'print(math.random(2147483648,2147483648))'</pre><BR><BR>I get:<BR><pre class="ip-ubbcode-code-pre ...
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback