CVE-2026-27623

HIGH

Valkey 9.0.0-9.0.3 - Denial of Service via Empty Request Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2026-27623. PoCs published by Unclecheng-li, MillerDetach, SmashMythAmp.

AI-analyzed exploit summary The repository contains a functional exploit for CVE-2026-27623, demonstrating a pre-authentication DoS vulnerability in Valkey (Redis fork) by sending a malformed RESP request (`*0\r\nPING\r\n`) that triggers an assertion failure in the server's networking code.

Description

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking state after processing an empty request. A malicious actor can then send a request that the server incorrectly identifies as breaking server side invariants, which results in the server shutting down. Version 9.0.3 fixes the issue. As an additional mitigation, properly isolate Valkey deployments so that only trusted users have access.

Exploits (4)

github WORKING POC 161 stars
by Unclecheng-li · cpoc
https://github.com/Unclecheng-li/poc-lab/tree/main/CVE-2026-27623 Pre-Authentication DOS from malformed RESP request

The repository contains a functional exploit for CVE-2026-27623, demonstrating a pre-authentication DoS vulnerability in Valkey (Redis fork) by sending a malformed RESP request (`*0\r\nPING\r\n`) that triggers an assertion failure in the server's networking code.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Valkey (versions 9.0.0 to 9.0.2)
No auth needed
Prerequisites: Network access to the target Valkey server
devstral-2 · analyzed May 22, 2026 Full analysis →
github WORKING POC
by MillerDetach · pythonpoc
https://github.com/MillerDetach/poc-lab-pro/tree/main/CVE-2026-27623 Pre-Authentication DOS from malformed RESP request

This repository contains a functional exploit PoC for CVE-2026-27623, a pre-authentication DoS vulnerability in Valkey (Redis fork) caused by a malformed RESP request. The exploit sends a crafted payload (*0\r\nPING\r\n) to trigger an assertion failure in the server's networking.c, causing the process to crash.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Valkey (versions 9.0.0 to 9.0.2)
No auth needed
Prerequisites: Network access to the target Valkey instance · Target running an affected version (9.0.0 to 9.0.2)
devstral-2 · analyzed Jun 09, 2026 Full analysis →
github WORKING POC
by SmashMythAmp · pythonpoc
https://github.com/SmashMythAmp/poc-lab-605/tree/main/CVE-2026-27623 Pre-Authentication DOS from malformed RESP request

The repository contains a functional exploit PoC for CVE-2026-27623, demonstrating a pre-authentication DoS vulnerability in Valkey (Redis fork) by sending a malformed RESP request (`*0\r\nPING\r\n`) that triggers an assertion failure in the server's networking code.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Valkey (versions 9.0.0 to 9.0.2)
No auth needed
Prerequisites: Network access to the target Valkey server's port
devstral-2 · analyzed Jun 06, 2026 Full analysis →
github WORKING POC
by LadyAqueduct · htmlpoc
https://github.com/LadyAqueduct/poc-lab-798/tree/main/CVE-2026-27623 Pre-Authentication DOS from malformed RESP request

The repository contains a functional exploit PoC for CVE-2026-27623, demonstrating a pre-authentication DoS vulnerability in Valkey (Redis fork) by sending a malformed RESP request (`*0\r\nPING\r\n`) that triggers an assertion failure in the server's networking code.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Valkey (Redis fork) versions 9.0.0 to 9.0.2
No auth needed
Prerequisites: Network access to the target Valkey server's port
devstral-2 · analyzed Jun 06, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0027
EPSS Percentile 18.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (1)
lfprojects/valkey 9.0.0 - 9.0.3
Published Feb 23, 2026
Tracked Since Feb 23, 2026