Authenticated access and the ability to run Lua scripts are required to exploit this vulnerability. However, all affected instances without authentication configured are vulnerable. Further details from the Redis team can be found here.
AI description
CVE-2025-49844 is a vulnerability in Redis that stems from improper memory management within its embedded Lua interpreter. The core issue is a use-after-free bug that can be triggered via a specially crafted Lua script. An authenticated user can manipulate the garbage collection process, exploiting freed memory pointers to potentially execute arbitrary code within the Redis server's process. This vulnerability exists in all Redis versions that include Lua scripting support. Redis has released patches to address this vulnerability. For more information on remediation, see the security advisory from Redis.
- Description: Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. A workaround that does not require patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict the EVAL and EVALSHA commands.
- Source: security-advisories@github.com
- NVD status: Analyzed
- Products: redis, valkey
CVSS 3.1
- Type: Primary
- Base score: 9.9
- Impact score: 6
- Exploitability score: 3.1
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- security-advisories@github.com: CWE-416
- Hype score: Not currently trending
https://t.co/wWu0LC1urn Critical exploit for remote code execution A cloud and container security provider is warning of a newly discovered, critical vulnerability in Redis, the widely used open-source in-memory data store. The vulnerability, CVE-2025-49844, also known as "Re
@B2bCyber
1 Dec 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ℹ️#RediShell RCE Vulnerability (CVE-2025-49844) The RediShell #RCE is a critical use-after-free flaw in Redis's Lua engine enabling host-level Remote Code Execution. 📺 Watch the breakdown: https://t.co/j69PSgA3YD 🔎 Exposed Redis instances detected via Crimin
@CriminalIP_US
27 Nov 2025
737 Impressions
1 Retweet
4 Likes
1 Bookmark
0 Replies
0 Quotes
ℹ️#RediShell RCE Vulnerability (CVE-2025-49844) The RediShell #RCE is a critical use-after-free flaw in Redis's Lua engine enabling host-level Remote Code Execution. 🔎 Exposed Redis instances detected via Criminal IP Query 👉 "product: Redis" 🔗 https://t
@CriminalIP_US
27 Nov 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Redis dropped details on a critical RCE bug - CVE-2025-49844 - and it’s a mess across multiple versions. They pushed patches all through October, tweaking the “fixed” release from 7.22.2-12 to 7... https://t.co/VMnzFmQINl --- Want similar stories? Join 👉 https://t.co/Zi
@joinFAUN
24 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#AppSec #Cloud_Security 1⃣ PoC for CVE-2025-49844, CVE-2025-46817 and CVE-2025-46818 Critical Lua Engine Vulnerabilities https://t.co/pNWl2H7vmu // Three critical vulnerabilities in Redis 7.4.5 2⃣ Hunting for Bucket Traversals in Google's Client Libraries
@ksg93rd
11 Nov 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 RediShell (CVE-2025-49844): critical RCE (CVSS 10.0) discovered after 13 years. There are still 8,500+ exposed instances; make sure none of them is yours ;) 👉More info: https://t.co/Hk9BaJWxoJ https://t.co/vqs4UZhtSP
@rootedcon
10 Nov 2025
1909 Impressions
8 Retweets
15 Likes
6 Bookmarks
1 Reply
1 Quote
Actively exploited CVE : CVE-2025-49844
@transilienceai
10 Nov 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Serious Redis vulnerability RediShell CVE-2025-49844 is fixed: possible host compromise via Lua sandbox escape https://t.co/Zi92pSe7sH A use-after-free memory corruption in the Redis Lua engine, and EVAL, the Lua execution feature
@iototsecnews
10 Nov 2025
97 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical remote code execution vulnerability discovered in Redis after 13 years ⚠️ CVE-2025-49844 https://t.co/jTnFIup9n3
@elhackernet
9 Nov 2025
6635 Impressions
23 Retweets
100 Likes
18 Bookmarks
2 Replies
1 Quote
🌐 🚨 DEVELOPING: RediShell (CVE-2025-49844) — Redis Lua engine enables host-level RCE; 8,500+ Redis instances exposed worldwide. Disclosed by Wiz. https://t.co/mtpowLdfRw #cyber #infosec #OSINT
@STRATINT_AI
30 Oct 2025
3898 Impressions
7 Retweets
46 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 RediShell RCE: 8,500 Vulnerable Redis Instances Exposed (CVE-2025-49844) Redis patched a use-after-free in Lua scripting engine enabling sandbox escape and host-level RCE. CVSS 10.0. Criminal IP found 8,500 unpatched instances globally (many flagged Dangerous/Critical). Th
@the_c_protocol
30 Oct 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RediShell vulnerability | CVE-2025-49844 - Stormshield https://t.co/2t5WRNh5Q2 #PreventionInternet #Cybersécurité
@Prevention_web
30 Oct 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical RediShell RCE Threatens 8,500+ Redis Servers Worldwide A critical Redis Lua scripting vulnerability, CVE-2025-49844, exposes over 8,500 deployments worldwide to remote code execution. Disclosed by Wiz in October 2025, it involves a use-after-free memory corruption that
@Secwiserapp
30 Oct 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Security Advisory — #RediShell RCE (CVE-2025-49844) 🚨 The RediShell #RCE is a critical use-after-free flaw in Redis's Lua engine enabling host-level Remote Code Execution (RCE). ☑️59,000+ exposed Redis instances detected ☑️8,500 unpatched Redis instanc
@CriminalIP_US
30 Oct 2025
1006 Impressions
3 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
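💥 #RediShell (CVE-2025-49844): unpatched status and recommended response. Remote code execution (RCE) attacks exploiting the Redis Lua engine vulnerability are being actively observed. According to a Criminal IP Search check, on the internet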
@CriminalIP_JP
30 Oct 2025
98 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
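💥 #RediShell (CVE-2025-49844): patch delay notice and recommendations. Remote code execution (RCE) attacks exploiting the Redis Lua engine vulnerability are being actively observed. A Criminal IP Search check found internet-exposed Redis instances: 59,75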
@CriminalIP_KR
30 Oct 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The "RediShell" RCE vulnerability (CVE-2025-49844) poses a critical risk to over 8,500 exposed Redis instances, urging users to apply patches and enable authentication immediately to prevent remote code execution threats. #RediShell #CVE202549844 https://t.co/4JhPTasppN
@Cyber_O51NT
30 Oct 2025
1984 Impressions
13 Retweets
17 Likes
7 Bookmarks
2 Replies
0 Quotes
[1day1line] CVE-2025-49844: RCE Vulnerability in Redis Caused by Use After Free via Lua Script https://t.co/z0PZdAz4eh Today's 1day1line: CVE-2025-49844, a Use After Free RCE vulnerability discovered in Redis. The vulnerability is caused by unpinned chunks accessed via Lua
@hackyboiz
29 Oct 2025
2916 Impressions
11 Retweets
39 Likes
19 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-49844: Redis Lua Use-After-Free may lead to remote code execution Exploit: https://t.co/oQTTzuI5nb Advisory: https://t.co/yXmGPpm1bJ CVSS: 10 FOFA Link: https://t.co/Sq4ZLUbS7m FOFA Query: app="redis" Results: 1,977,550 https://t.co/MU0an8ebyH
@DarkWebInformer
28 Oct 2025
9867 Impressions
29 Retweets
81 Likes
35 Bookmarks
0 Replies
0 Quotes
New issue of DevOpsLinks is out! 🚨 Redis CVE-2025-49844 (CVSS 10), 🪝 Git pre-commit + 🧬 SHA-256/3.0, ☁️ MCP on ACA, 🛡️ AI in DevSecOps, 🚫 blocking 26M curl reqs, 🏛️ Shopify 30TB/min monolith, 🐧 Linux 6.18 RC1, 💸 Hetzner -76%. Read: https://t.co/e5
@_FAUNDOL_
21 Oct 2025
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 RediShell [Critical] Oct 21, 2025 This report analyzes the RediShell vulnerability (CVE-2025-49844), a critical remote code execution flaw affecting Redis servers. The vulnerability, stemming from a use-after-free condition in Redis's Lua scripting engine, allows attackers..
@transilienceai
21 Oct 2025
100 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
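Redis 7.4.5 Lua vulnerabilities CVE-2025-49844/46817/46818: PoC made available https://t.co/ECyawJKXZa The exploitation techniques for three vulnerabilities in Redis 7.4.5 are clearly explained. The lack of stack protection for a new TString in the Lua parser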
@iototsecnews
20 Oct 2025
100 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We implemented an exploit for RediShell (CVE-2025-49844). While doing so, we discovered that the publicly available PoC incorrectly uses loadstring to trigger the Redis UAF. Kudos to @wiz_io for the interesting findings! https://t.co/o525HxQfzB
@DarkNavyOrg
19 Oct 2025
15348 Impressions
50 Retweets
231 Likes
83 Bookmarks
0 Replies
0 Quotes
In our latest insights, we dive into CVE-2025-49844 (RediShell), a critical RCE vulnerability affecting Redis data stores. Read more: https://t.co/VNAppZyMWX https://t.co/e5TEExHva6
@Harborcoattech
18 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨 A 13-year-old software flaw in Redis just blew open serious risk: CVE-2025-49844 (aka “RediShell”) allows remote code execution via Lua scripts. (The Hacker News, 2025) Yes, old software still lives, and attackers love that. Why this matters to you: • If your site or
@BGMloop
16 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 KeyDB RCE via Lua — CVE-2025-49844! Attackers can run code remotely via Lua scripting. Update to patched versions NOW or disable/restrict Lua, isolate KeyDB, tighten ACLs, rotate creds, and monitor logs. 🔍 https://t.co/2VFuAYlmkC https://t.co/qNk2g54lex
@vulert_official
16 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 KeyDB RCE via Lua — CVE-2025-49844! Attackers can run code remotely through Lua scripting. Update to the patched versions NOW or disable/restrict Lua, isolate KeyDB, and tighten ACLs. 🔍https://t.co/2VFuAYlmkC https://t.co/6nTqugX1ne
@vulert_official
16 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Redis discloses a critical 13-year-old vulnerability (CVE-2025-49844, CVSS 10.0). It affects all versions with Lua scripting support. An attacker can execute remote code by manipulating the Lua execution environment. https://t.co/KuLppgUArL
@henryraul
15 Oct 2025
95 Impressions
9 Retweets
8 Likes
1 Bookmark
1 Reply
0 Quotes
Moohoo! Update 2025-10 has just been released: https://t.co/KYdeeGOT7u This update addresses the critical CVE-2025-49844 affecting @Redisinc. While the exploit was not exposed in mailcow environments, updating is still strongly recommended.
@mailcow_email
15 Oct 2025
464 Impressions
2 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
🔴 Redis just patched CVE-2025-49844, a critical use-after-free RCE in the default-enabled Lua engine affecting all versions. Authenticated exploits enable sandbox escape and full host compromise—reverse shells, credential theft, lateral movement, malware deployment. What's
@the_c_protocol
14 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
redis cve-2025-49844 https://t.co/F9bb6qbQGD https://t.co/Flk0jANP2y https://t.co/7uW5cEUYZZ
@isValidUserId
14 Oct 2025
218 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVSS 10.0: Critical RediShell vulnerability threatens the majority of cloud environments. Researchers at Wiz Research have identified an extremely severe vulnerability enabling remote code execution (CVE-2025-49844) in the widely used Redis database
@linuxmint_hun
13 Oct 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49844 https://t.co/DvR8Fcjq7C https://t.co/E7aniUVA9E
@SecAlertsCo
13 Oct 2025
64 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score Wiz Research discovers vulnerability stemming from 13-year-old bug present in all Redis versions, used in 75% of cloud environments. https://t.co/BKC07zsril #security #redis
@jvela
13 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
lol did bitnami just drop all of its images that were vulnerable to CVE-2025-49844? Nice
@xoxodeadbeef
12 Oct 2025
71 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
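Sakura Cloud has also issued a RediShell alert. Sakura Cloud's packet filter feature is fairly hard to configure and is sometimes not set up properly, so particular caution is warranted. / “[Important] Redis "RediShell (CVE-2025-49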
@matsuu
12 Oct 2025
2516 Impressions
5 Retweets
14 Likes
4 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-49844 - critical 🚨 Redis Lua Parser < 8.2.2 - Use After Free > Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and... 👾 https://t.co/tVI8G3mmcN @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
12 Oct 2025
241 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: Patch Your Redis INSTANCES NOW! 🚨 A severe Remote Code Execution (RCE) vulnerability, dubbed RediShell (CVE-2025-49844), has been uncovered in Redis, scoring the maximum possible CVSS 10.0. This flaw affects every version of Redis with Lua scripting rel
@YahyaToubali
11 Oct 2025
127 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
There's a particularly bad Redis vuln that didn't get much fanfare this past week, CVE-2025-49844, https://t.co/U3lEqdznaa. Approximately 55k vulnerable right now. https://t.co/NtqfvcwPcu https://t.co/I04EBPm9wS
@schwartzonsec
11 Oct 2025
179 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
RediShell (CVE-2025-49844) Vulnerability-Scanner https://t.co/2n15hoKlTT #vulnerability
@d4rk_c0r3
11 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE Vulnerability in Redis (CVE-2025-49844). Please see the @ncsc_gov_ie for more info: https://t.co/SFg3eDYDmc
@ncsc_gov_ie
10 Oct 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Patches have been released for a critical vulnerability in Redis that gives attackers full access to the host system. The vulnerability is known as CVE-2025-49844 and allows malicious Lua scripts to be run. Having Redis without
@Cybereayn
10 Oct 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-49844 (CVSS 10): Redis Lua RCE Authenticated attackers can exploit a Lua script to trigger a use-after-free, enabling RCE. Affects all Lua-enabled Redis versions. 🔥PoC: https://t.co/OvL4Y7xcqc Search by vul.cve Filter👉vul.cve="CVE-2025-49844" ZoomEye http
@zoomeye_team
10 Oct 2025
3726 Impressions
25 Retweets
76 Likes
24 Bookmarks
2 Replies
0 Quotes
Redis RCE Vulnerability (CVE-2025-49844, CVSS 10.0,💥 This in-memory database flaw allows remote code execution via Lua sandbox escape, targeting exposed instances for cryptojacking and botnets. Immediately update Redis and enable authentication. #RedisSecurity #PatchManageme
@CyberWolfGuard
9 Oct 2025
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
(1/4) 🚨CVE-2025-49844: Redis Lua Parser UAF → RCE Root cause: luaY_parser() fails to anchor TString objects on Lua stack before lexer invocation. GC can free chunk-name string while parser holds dangling reference. 330K exposed instances. 60K unauthenticated. A thread!
@hackcubes
9 Oct 2025
72 Impressions
0 Retweets
1 Like
1 Bookmark
1 Reply
0 Quotes
Cyber threat landscape heats up with critical breaches, vulnerabilities, and scams hitting global targets in the last hour 🚨 Here’s your quick briefing: 🛠️ Redis suffers a critical memory corruption flaw (CVE-2025-49844) allowing authenticated attackers to execute arbi
@np_cyber_news
9 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A 13-year-old flaw in #Redis — CVE-2025-49844 (RediShell) — allows remote code execution (CVSS 10.0)! 👉 https://t.co/WnPR3goq9I #CyberSecurity #RCE #Vulert #CloudSecurity #OpenSource #CVE202549844
@vulert_official
9 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A practical lab environment for testing and understanding the critical CVE-2025-49844 (RediShell) vulnerability in Redis. https://t.co/Sj1nnNY7k3 https://t.co/MQomcqV4zz
@ngnicky
8 Oct 2025
147 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
The CVE-2025-49844 (RediShell) vulnerability has been discovered in older versions of Redis. This flaw reportedly went unnoticed for 13 years and allows remote code execution. Anyone whose Redis version is not up to date should update (or close it off from the outside and set up authentication) ht
@ridvanyagli
8 Oct 2025
96 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2F4D4F6-6F7C-46BC-B37C-DFAC34B097AC",
            "versionEndExcluding": "6.2.20"
          },
          {
            "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F82BD2A-473F-4F3F-9C80-C6448D07C45D",
            "versionEndExcluding": "7.2.11",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6E336B8-E000-4EFA-95F8-F2B74A4913F0",
            "versionEndExcluding": "7.4.6",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "459EBC07-D37A-44E5-95DB-4C3FD9F008FF",
            "versionEndExcluding": "8.0.4",
            "versionStartIncluding": "8.0.0"
          },
          {
            "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBF13EC1-FE0A-4242-B8D3-2681485DDDF2",
            "versionEndExcluding": "8.2.2",
            "versionStartIncluding": "8.2.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lfprojects:valkey:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CAF97D0-BE35-43AE-B820-3A88D1F49050",
            "versionEndExcluding": "7.2.11"
          },
          {
            "criteria": "cpe:2.3:a:lfprojects:valkey:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0285AE3-BBEA-4D0E-A8AD-957EC3E78870",
            "versionEndExcluding": "8.0.6",
            "versionStartIncluding": "8.0.0"
          },
          {
            "criteria": "cpe:2.3:a:lfprojects:valkey:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "725746C6-025D-4364-9D97-E1315D670DF6",
            "versionEndExcluding": "8.1.4",
            "versionStartIncluding": "8.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]