CVE-2026-23479

HIGH

redis-server use-after-free in unblock client flow may allow remote code execution

Title source: cna

Exploitation Summary

EIP tracks 4 public exploits for CVE-2026-23479. PoCs published by v1c0mmrt, jenniferreire26, daniel30padd.

AI-analyzed exploit summary

This repository contains a Python-based scanner for detecting CVE-2026-23479, a Redis Use-After-Free vulnerability. It checks for affected versions, authentication status, ACL permissions, exposure risks, and mitigations without exploiting the vulnerability.

Description

Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can trigger a use-after-free that may lead to remote code execution. This has been patched in version 8.6.3.

Exploits (4)

GitHub · SCANNER
by v1c0mmrt · pythonpoc
https://github.com/v1c0mmrt/redis-cve-2026-23479-scanner

This repository contains a Python-based scanner for detecting CVE-2026-23479, a Redis Use-After-Free vulnerability. It checks for affected versions, authentication status, ACL permissions, exposure risks, and mitigations without exploiting the vulnerability.

Classification: Scanner 100%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Redis (versions 7.2.0-7.2.13, 7.4.0-7.4.8, 8.2.0-8.2.5, 8.4.0-8.4.2, 8.6.0-8.6.2)
Authentication: No auth needed
Prerequisites: Network access to Redis instance · Redis instance running an affected version
Analyzed by devstral-2 on Jun 11, 2026

GitHub · SUSPICIOUS
by jenniferreire26 · poc
https://github.com/jenniferreire26/CVE-2026-23479

The repository claims to exploit CVE-2026-23479, a use-after-free vulnerability in Redis, but provides no actual exploit code. Instead, it directs users to an external download link (tinyurl.com), which is a common tactic for distributing malware or fake exploits.

Classification: Suspicious 90%
Attack Type: RCE
Complexity: Theoretical
Reliability: Theoretical
Target: Redis (versions 7.2.0 to 8.6.3)
Authentication: Auth required
Prerequisites: authenticated access to Redis server
Analyzed by devstral-2 on Jun 09, 2026

GitHub · SUSPICIOUS
by daniel30padd · poc
https://github.com/daniel30padd/CVE-2026-23479

The repository claims to provide an exploit for CVE-2026-23479 (a use-after-free in Redis leading to RCE) but contains no actual exploit code. Instead, it directs users to download the exploit from an external URL (tinyurl.com), which is a common tactic for distributing malware or fake exploits.

Classification: Suspicious 95%
Attack Type: RCE
Complexity: Theoretical
Reliability: Theoretical
Target: Redis (versions 7.2.0 to 8.6.3)
Authentication: Auth required
Prerequisites: authenticated access to Redis server
Analyzed by devstral-2 on Jun 08, 2026

GitHub · SCANNER
by pduggusa · pythonpoc
https://github.com/pduggusa/redis-cve-2026-23479-check

This repository contains a safe, read-only version checker for CVE-2026-23479, a use-after-free vulnerability in Redis's blocking-client code. The tool connects to a Redis instance, optionally authenticates, and checks the version against a list of fixed releases to determine vulnerability status. It does not exploit the vulnerability.

Classification: Scanner 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Redis (versions 6.2.0-6.2.21, 7.2.0-7.2.13, 7.4.0-7.4.8, 8.2.0-8.2.5, 8.4.0-8.4.2, 8.6.0-8.6.2)
Authentication: Auth required
Prerequisites: Network access to Redis instance · Optional authentication credentials if Redis requires authentication
Analyzed by devstral-2 on Jun 05, 2026

References (2)

Core references (2):
https://github.com/redis/redis/releases/tag/8.6.3 (x_refsource_misc)

Scores

CVSS v3: 8.8
EPSS: 0.0012
EPSS Percentile: 30.6%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-416
Status: published
Products (2):
redis/redis 7.2.0 - 8.6.3
redis/redis >= 7.2.0, < 8.6.3
Published: May 05, 2026
Tracked Since: May 05, 2026