← Back to Feed CACHED · 2026-05-17 09:42:19 · cache_key CVE-2025-29912
CVE-2026-23631 · CWE-416 · Disclosed 2026-05-05

Redis is an in-memory data structure store

ASSESSED — NOISGATE V0.5
Vendor
Reassessed
Verdict:
01 · The Real Story

This is a spare key hidden inside a locked closet, not one taped to the front door

CVE-2026-23631 is a Redis Lua use-after-free in the master-replica synchronization path. An authenticated attacker can abuse SLAVEOF/replication behavior during Lua execution to free the Lua engine and then keep executing against freed memory, which can end in remote code execution on the replica. Redis says the issue exists in versions with Lua scripting, but the practical risk centers on replicas where replica-read-only is disabled or can be disabled; Redis shipped fixes on 2026-05-05 in OSS/CE 6.2.22, 7.2.14, 7.4.9, 8.2.6, 8.4.3, and 8.6.3.

The scary part is real: there is a public exploit and a detailed write-up from Yoni Sherez published on 2026-06-02. But the headline 8.1 HIGH overstates enterprise reality because this is not unauthenticated internet RCE; it needs authenticated Redis access, Lua-capable permissions, replication/control-plane actions, and a replica deployment shape that narrows the exposed population hard. Redis/GitHub's own published severity is Moderate 6.1, and that is much closer to how a 10,000-host defender should triage it.

"Real RCE, but mostly a writable-replica admin bug rather than a fleet-wide internet fire."
02 · The Attack Path

4 steps from start to impact.

STEP 01

Land authenticated Redis access with enough ACL scope

The operator uses normal Redis client access such as redis-cli or the public yoyosh/DarkReplica tooling to authenticate and enumerate permitted commands. The exploit is post-auth from the start; without a real Redis session and meaningful ACL rights, the chain never gets off the ground.
Conditions required:
  • Network reachability to Redis
  • Valid Redis credentials or an already-compromised app path
  • ACL permissions broad enough to use scripting and replication-related commands
Where this breaks in practice:
  • Protected mode, network segmentation, and private-only listeners cut reachability
  • Many application accounts do not have @admin, @scripting, CONFIG, or SLAVEOF capability
  • Managed Redis services often restrict dangerous control-plane commands
Detection/coverage: Version scanners will not see this prerequisite. You need ACL reviews, command telemetry, and auth logs.
STEP 02

Turn the target into a controllable writable replica

Per the ZeroDay.cloud write-up, the attacker points the victim at an attacker-controlled master using SLAVEOF and ensures replica writes are possible by disabling replica-read-only when needed. This moves the bug from theory to a reachable state because the later FULLRESYNC will arrive from infrastructure the attacker controls.
Conditions required:
  • Permission to run SLAVEOF/replication reconfiguration
  • Permission to run CONFIG SET or an already non-read-only replica
  • Ability to host an attacker-controlled Redis master
Where this breaks in practice:
  • Most sane enterprise ACLs should not give app identities replication control
  • Writable replicas are a minority deployment pattern
  • Changing replication state is noisy and often operationally visible
Detection/coverage: Look for SLAVEOF, REPLICAOF, CONFIG SET replica-read-only no, and unexpected replication peer changes in Redis logs and SIEM.
STEP 03

Start a long-running Lua workload

The exploit loads and runs a slow Lua function using Redis scripting or functions APIs so the server enters the timeout/yield path. During that state, Redis processes blocked events, which is the loophole that lets replication traffic mutate state while Lua is still active.
Conditions required:
  • Lua scripting or functions enabled
  • Permission to use FUNCTION LOAD/FCALL or equivalent Lua execution path
  • A target version in a vulnerable branch
Where this breaks in practice:
  • Some enterprises never use Redis Lua in production and can disable it or deny it by ACL
  • Long-running scripts are operationally odd and may surface as latency spikes or BUSY errors
  • The attacker still needs a compatible branch and working offsets
Detection/coverage: Monitor for FUNCTION LOAD, FCALL, EVAL, repeated BUSY responses, and slow-script log entries.
STEP 04

Force FULLRESYNC and reclaim freed Lua memory

The attacker-controlled master triggers synchronization while the Lua engine is active, freeing the current Lua context and then continuing execution against freed memory. Yoni Sherez's DarkReplica write-up and GitHub repo show the full path from UAF to memory corruption, pointer recovery, and system()-style code execution on the host.
Conditions required:
  • Attacker-controlled master able to deliver replication data
  • Precise exploit logic for the target build
  • Replica-side conditions from the earlier steps
Where this breaks in practice:
  • This is heap-sensitive exploitation, not botnet-grade spray-and-pray
  • The public exploit is version/offset aware and operationally complex
  • A crash is more likely than clean RCE in poorly matched environments
Detection/coverage: Most scanners over-call by version alone and miss the replica/read-only nuance. EDR on the Redis host and command/process telemetry are your best signal once exploitation reaches code execution.
03 · Intelligence Metadata

The supporting signals.

In-the-wild statusNo current evidence of active exploitation in the sources reviewed. Not in CISA KEV as of the catalog check, and no public campaign reporting was found.
Proof-of-concept availabilityYes. Yoni Sherez published a full technical write-up on 2026-06-02 and linked a public exploit repo: yoyosh/DarkReplica.
EPSSUser-supplied EPSS is 0.00079 (~0.079%), which is low. A FIRST-derived third-party display places it at roughly the 23.5th percentile, reinforcing that this is not currently predicted to become mass exploitation.
KEV statusNot listed in CISA's Known Exploited Vulnerabilities Catalog.
CVSS situationThere is a scoring split. NVD added CVSS v3.1 8.1 HIGH on 2026-05-06 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), while GitHub/Redis published CVSS v4.0 6.1 MEDIUM on 2026-05-05 (AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N).
Affected deploymentsRedis describes the bug as affecting versions with Lua scripting, but exploitation requires a replica where replica-read-only is disabled or can be disabled. The public write-up's tested vulnerable ranges are 7.2.0-7.2.13, 7.4.0-7.4.8, 8.2.0-8.2.5, 8.4.0-8.4.2, and 8.6.0-8.6.2.
Fixed versionsOSS/CE fixed releases are 6.2.22, 7.2.14, 7.4.9, 8.2.6, 8.4.3, 8.6.3 per Redis. Example distro backports include SUSE redis >= 7.2.4-150600.3.24.1, redis7 >= 7.0.8-150600.8.25.1, and openSUSE redis >= 8.6.3-1.1.
Exposure / scanning realityCensys historically observed 350,675 internet-accessible Redis services, showing Redis exposure is common. But this CVE's reachable population is much smaller because it still requires auth + scripting/replication control + writable-replica conditions.
Disclosure timelineVendor advisory and CVE publication landed on 2026-05-05. Public exploit details and full research were published on 2026-06-02.
Researcher / reporting orgReported by Yoni Sherez; Redis credits him in the advisory, and the research was showcased via ZeroDay.cloud / Wiz.
04 · The Call

noisgate verdict.

Final Verdict
DOWNGRADED to MEDIUM (5.8/10)

The decisive downgrading factor is that exploitation is post-auth and control-plane heavy: the attacker needs authenticated Redis access plus scripting and replication actions on a writable-replica path. Public exploit code keeps this from falling into LOW, but the exposed population is far narrower than an AV:N label suggests.

HIGH Exploit preconditions and technical chain
MEDIUM Real-world exposure across enterprise Redis fleets

Why this verdict

  • Downgrade from the 8.1 baseline: NVD's v3.1 score treats this like any low-privileged network user can cash out on impact. In practice, the attacker needs authenticated Redis access and usually privileged command scope across scripting and replication control.
  • Replica-only deployment narrowing: The bug matters operationally on replicas where replica-read-only is disabled or can be disabled. That is a sharply smaller slice of Redis estates than 'all Redis with Lua' makes it sound.
  • Public exploit raises the floor: Yoni Sherez published a full exploit and root-cause walk-through on 2026-06-02, so defenders should not write this off as theoretical even though the population is narrow.

Why not higher?

This is not pre-auth internet RCE, and it is not a clean one-command exploit against the average Redis node. Each prerequisite compounds downward pressure: attacker position, authenticated access, dangerous ACL scope, replication manipulation, and a writable replica are all real-world filters that exclude most enterprise deployments.

Why not lower?

The impact is still host-level code execution when the chain lands, and there is public exploit code rather than just an abstract memory-corruption note. If you run shared-service Redis, multi-tenant platforms, or any externally reachable/admin-accessible replicas, this can become a very ugly post-compromise accelerator.

05 · Compensating Control

What to do — in priority order.

  1. Strip dangerous ACL rights — Remove or tightly gate @admin, CONFIG, SLAVEOF/REPLICAOF, and Lua-capable permissions from application identities. For a MEDIUM verdict there is no mitigation SLA — go straight to the 365-day remediation window, but do this immediately on shared or internet-adjacent Redis tiers because it removes the exploit's key prerequisite.
  2. Keep replicas read-only — Enforce replica-read-only yes and alert on any change away from it. There is no mitigation SLA for MEDIUM, but this is the cleanest temporary brake because the published chain specifically wants writable replica behavior.
  3. Disable Lua where unused — If your estate does not rely on EVAL, FUNCTION LOAD, or FCALL, deny those commands or disable the feature path operationally. With no mitigation SLA for MEDIUM, treat this as a hygiene change now and complete vendor remediation inside the 365-day window.
  4. Fence Redis off untrusted networks — Redis should sit on private networks with explicit allowlists; exposed admin paths turn a narrow post-auth flaw into a much more reachable one. Again, there is no mitigation SLA here, but exposed replicas deserve acceleration outside the normal window.
  5. Alert on replication drift — Generate detections for SLAVEOF/REPLICAOF, replica peer changes, slow-script timeouts, and CONFIG SET replica-read-only no. This does not fix the bug, but it catches the exact control-plane activity the exploit needs while you work through remediation within 365 days.
What doesn't work
  • A WAF does not help; this is a native Redis protocol/control-plane issue, not an HTTP attack surface.
  • Simple password rotation alone is insufficient if the replacement credential still has broad ACL rights for scripting and replication commands.
  • Generic version-based scanning alone overstates risk because it misses the runtime conditions that make this exploitable in practice.
06 · Verification

Crowdsourced verification payload.

Run this on the target Redis host or from an auditor box that already has redis-cli network access to the instance. Invoke it as ./check-cve-2026-23631.sh 127.0.0.1 6379 (or set REDISCLI_AUTH first if auth is required); no root is needed, but you do need permission to query INFO and CONFIG GET.

noisgate-verify.sh
BASHREAD-ONLYSAFE
#!/usr/bin/env bash
# check-cve-2026-23631.sh
# Determine practical exposure to CVE-2026-23631 on a Redis instance.
# Outputs one of: VULNERABLE / PATCHED / UNKNOWN
# Exit codes: 0=PATCHED, 1=VULNERABLE, 2=UNKNOWN

set -u

HOST="${1:-127.0.0.1}"
PORT="${2:-6379}"
REDIS_CLI_BIN="${REDIS_CLI_BIN:-redis-cli}"

if ! command -v "$REDIS_CLI_BIN" >/dev/null 2>&1; then
  echo "UNKNOWN - redis-cli not found"
  exit 2
fi

redis_raw() {
  "$REDIS_CLI_BIN" --raw -h "$HOST" -p "$PORT" "$@" 2>/dev/null
}

version_ge() {
  # usage: version_ge current required
  [ "$(printf '%s\n' "$2" "$1" | sort -V | head -n1)" = "$2" ]
}

info_server="$(redis_raw INFO server)"
if [ -z "$info_server" ]; then
  echo "UNKNOWN - unable to query INFO server on ${HOST}:${PORT}"
  exit 2
fi

version="$(printf '%s\n' "$info_server" | awk -F: '/^redis_version:/{gsub(/\r/,"",$2); print $2; exit}')"
if [ -z "$version" ]; then
  echo "UNKNOWN - could not determine redis_version"
  exit 2
fi

info_repl="$(redis_raw INFO replication)"
role="$(printf '%s\n' "$info_repl" | awk -F: '/^role:/{gsub(/\r/,"",$2); print $2; exit}')"

cfg_ro="$(redis_raw CONFIG GET replica-read-only | tail -n1 | tr -d '\r')"
if [ -z "$cfg_ro" ] || [ "$cfg_ro" = "replica-read-only" ]; then
  cfg_ro="$(redis_raw CONFIG GET slave-read-only | tail -n1 | tr -d '\r')"
fi

is_patched_branch=0
case "$version" in
  6.2.*)
    if version_ge "$version" "6.2.22"; then is_patched_branch=1; fi
    ;;
  7.2.*)
    if version_ge "$version" "7.2.14"; then is_patched_branch=1; fi
    ;;
  7.4.*)
    if version_ge "$version" "7.4.9"; then is_patched_branch=1; fi
    ;;
  8.2.*)
    if version_ge "$version" "8.2.6"; then is_patched_branch=1; fi
    ;;
  8.4.*)
    if version_ge "$version" "8.4.3"; then is_patched_branch=1; fi
    ;;
  8.6.*)
    if version_ge "$version" "8.6.3"; then is_patched_branch=1; fi
    ;;
  *)
    # Public vendor guidance is clearest on the maintained branches above.
    # For other versions/builds, avoid a false assertion.
    echo "UNKNOWN - unrecognized or non-standard Redis version '$version'"
    exit 2
    ;;
esac

if [ "$is_patched_branch" -eq 1 ]; then
  echo "PATCHED - Redis $version is at or above a published fixed version"
  exit 0
fi

# Practical exposure test:
# This CVE is operationally relevant on replicas where replica-read-only is disabled.
if [ "$role" = "slave" ] || [ "$role" = "replica" ]; then
  if [ "$cfg_ro" = "no" ]; then
    echo "VULNERABLE - Redis $version is an unpatched writable replica (replica-read-only=no)"
    exit 1
  fi

  if [ "$cfg_ro" = "yes" ]; then
    echo "UNKNOWN - Redis $version is unpatched but currently read-only; exploitability depends on whether an attacker can change replica-read-only or replication state"
    exit 2
  fi

  echo "UNKNOWN - Redis $version is unpatched replica; could not read replica-read-only setting"
  exit 2
fi

echo "UNKNOWN - Redis $version is unpatched, but this check did not observe a runtime replica condition; review ACLs for SLAVEOF/CONFIG and patch"
exit 2
07 · Bottom Line

If you remember one thing.

TL;DR
Monday morning, do not treat this like an internet-wide Redis emergency; treat it like a dangerous post-auth privilege amplifier. Inventory Redis replicas first, identify any nodes with replica-read-only no or broad ACLs that allow scripting plus replication changes, and clean those up immediately as configuration hygiene. Under the noisgate mitigation SLA, there is no mitigation SLA — go straight to the 365-day remediation window; under the noisgate remediation SLA, patch affected Redis lines to 6.2.22 / 7.2.14 / 7.4.9 / 8.2.6 / 8.4.3 / 8.6.3 or equivalent distro backports within 365 days, but do not leave internet-reachable or shared-service writable replicas waiting for that long.

Sources

  1. Redis security advisory
  2. GitHub Security Advisory GHSA-8ghh-qpmp-7826
  3. NVD CVE-2026-23631
  4. ZeroDay.cloud write-up by Yoni Sherez
  5. Public exploit repository
  6. CISA Known Exploited Vulnerabilities Catalog
  7. SUSE CVE page with fixed package versions
  8. Censys Redis exposure research
Peer Review

What defenders are saying.

Submit a review attribution: handle + country only
0 flags selected · stored anonymously
Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.