Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

CVE-2026-23479

Redis patches two-year-old use-after-free flaw that enabled remote command execution

Cloud, Research, Risk, Vendors, Vulnerabilities

June 5, 2026

Redis patched CVE-2026-23479, a use-after-free flaw in blocking-client code that could lead to remote command execution. The bug affected versions 7.2.0 through 8.6.2 and had gone unnoticed for more than two years.

About
Editorial Policy
Privacy
Contact