13-Year-Old Redis Flaw Exposed CVSS 100 Vulnerability Lets Attackers Run Code Remotely

Posted on October 7, 2025 • 1 min read • 60 words

Share via

Link copied to clipboard

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. An authenticated user may use a specially crafted Lua script to manipulate the

13-Year-Old Redis Flaw Exposed CVSS 100 Vulnerability Lets Attackers Run Code Remotely

Read on Hackernews

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. “An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free,

Windows 11s dark mode is getting more consistent in File Explorer

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Everything coding, technology, and digital Life