Redis security patch release for CVE-2025-49844

Security Patch Release
Happening score
H score 28
1 unique sources, 1 articles

Summary

Redis released fixes for CVE-2025-49844 across Redis 7.22.2-12, 7.8.6-207, 7.4.6-272, 7.2.4-138 and 6.4.2-131, closing a critical issue in the embedded Lua scripting engine. The update also covers open source and commercial editions, and Redis urged administrators to patch immediately after the October 3 disclosure. The flaw can enable remote code execution on the host, although there is no evidence of exploitation in the wild yet.

Related Happenings

Ivanti security patch release for CVE-2026-8043

Security Patch Release
First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Oracle security patch release for CVE-2026-21992

Security Patch Release
First: 21.03.2026 12:24 Last: 21.03.2026 12:24 Sources 1

About this happening: **Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...

Hewlett Packard Enterprise (HPE) security patch release for CVE-2026-23813

Security Patch Release
First: 10.03.2026 19:30 Last: 10.03.2026 19:30 Sources 1

About this happening: **HPE** released **security updates** for **Aruba Networking AOS-CX**, closing **multiple vulnerabilities** including authentication and code execution issues on **CX-series campu...

Timeline

  1. 07.10.2025 18:00 2 articles · 7mo ago

    Redis discloses CVE-2025-49844 and releases fixes

    Mitigation Patch Update

    Redis and Wiz jointly disclosed CVE-2025-49844, nicknamed RediShell, and Redis released fixes for Redis versions 7.22.2-12, 7.8.6-207, 7.4.6-272, 7.2.4-138 and 6.4.2-131 across open source and commercial editions. Redis urged administrators to patch immediately, enable authentication, restrict access to trusted networks, disable Lua scripting if it is not required, and use firewalls and Virtual Private Clouds (VPCs) where appropriate.