CVE-2026-25588 · RedisTimeSeries is a time-series module for Redis.

01 · The Real Story

This is a booby-trapped maintenance hatch, not a front-door smash-and-grab

CVE-2026-25588 is a memory-safety bug in the RedisTimeSeries module's handling of serialized payloads passed through the Redis RESTORE command. The practical blast radius is narrower than generic Redis RCE headlines imply: the target must be running Redis with the RedisTimeSeries module loaded, and the vulnerable upstream module range is versions before 1.12.14, with vendor-fixed branches also called out as 1.10.24 and 1.8.23; Redis also published fixed OSS/CE builds 6.2.22, 7.2.14, 7.4.9, 8.2.6, 8.4.3, and 8.6.3, plus Redis Software fixed builds 8.0.10-64, 7.22.2-79, 7.8.6-253, 7.4.6-279, and 7.2.4-153.

The vendor's HIGH label is technically defensible if you score pure impact in a lab, because successful exploitation can hand over the Redis process. In real enterprise operations, though, this is not an unauthenticated internet worm: it requires valid Redis access, permission to run a dangerous administrative command, and the specific module to be present, while EPSS is low and there is no KEV listing or vendor evidence of active exploitation, so the operational priority lands a notch lower at MEDIUM.

"Real RCE potential, but it is post-auth, module-gated, and command-gated—serious cleanup, not a fire drill."

02 · The Attack Path

4 steps from start to impact.

STEP 01

Reach a Redis endpoint that actually loads RedisTimeSeries

The attacker first needs network reachability to a Redis server and the vulnerable module must be loaded. This is not enough by itself; the flaw lives in RedisTimeSeries code reached through RESTORE, so plain Redis exposure without that module does not satisfy the chain. Weaponized tool: any Redis RESP client, usually stock redis-cli or a custom client.

Conditions required:

Network path to the Redis service
RedisTimeSeries module loaded on the target
Target running an affected branch

Where this breaks in practice:

Many enterprise Redis deployments are internal-only
RedisTimeSeries is a subset of Redis estates, not the default everywhere
External scanners usually fingerprint Redis, not always the loaded module set

Detection/coverage: Unauthenticated scanners can often find Redis, but they usually need authenticated checks or host telemetry to confirm RedisTimeSeries branch/version.

STEP 02

Obtain authenticated Redis access

The advisory and NVD description both make this a post-authentication bug. The attacker must already have a valid Redis credential or equivalent trust path, which means this issue normally becomes reachable after credential theft, insider misuse, application compromise, or an already-won foothold. Weaponized tool: redis-cli -a, application credentials, or stolen service secrets.

Conditions required:

Valid Redis authentication material or trusted access path
Protected mode / network controls not fully blocking the attacker

Where this breaks in practice:

This prerequisite implies prior compromise or privileged insider access
Modern secret management and segmented service networks reduce the exposed population
MFA does not apply directly to Redis, but vaulting and rotation often do

Detection/coverage: Authentication events, new client IPs, and unusual source networks are visible in Redis logs, network telemetry, and PAM/vault audit trails if enabled.

STEP 03

Hold permission to execute RESTORE

Even with Redis credentials, the attacker still needs authorization to run RESTORE, which is exactly why the vendor workaround is to block that command with ACLs. In mature estates, application users often do not need data-import style commands, so this is a meaningful choke point. Weaponized tool: redis-cli RESTORE with a crafted serialized payload.

Conditions required:

Authenticated principal allowed to invoke RESTORE
ACLs not explicitly denying dangerous administrative/import commands

Where this breaks in practice:

Least-privilege Redis ACLs can break the chain completely
Many service accounts only need read/write data commands, not restore/import paths
Managed cloud services may already constrain risky command use

Detection/coverage: High-value command monitoring can flag RESTORE; command auditing and Redis ACL log events are the best direct detections.

STEP 04

Deliver malformed serialized data and win code execution

The attacker sends a crafted serialized value that drives unsafe memory access in the RedisTimeSeries module during RESTORE. If exploit engineering succeeds, impact can range from crash to arbitrary code execution in the Redis server context. Weaponized tool: custom serializer or exploit client; no broadly cited public PoC was found in the sources reviewed.

Conditions required:

Precisely malformed payload compatible with the vulnerable code path
Runtime conditions that allow memory corruption to become reliable impact

Where this breaks in practice:

Memory-corruption exploitation is less turnkey than command injection
No public PoC or in-the-wild evidence was cited by vendor/NVD-linked sources
Reliability can vary by build, allocator, and surrounding hardening

Detection/coverage: Expect weak signature coverage; practical signals are Redis crashes, anomalous RESTORE usage, suspicious child process/network egress from redis-server, and EDR telemetry on the host.

03 · Intelligence Metadata

The supporting signals.

In-the-wild status	Redis states it had no evidence of exploitation in its environment or customer environments at publication on 2026-05-05; no primary-source campaign reporting was found in the reviewed materials. Source: Redis advisory.
KEV status	Not KEV-listed. A search for `CVE-2026-25588` returned no CISA KEV result, and the user-provided intel also says no. Reference catalog: CISA KEV.
PoC availability	No authoritative public exploit or GitHub PoC surfaced in the reviewed primary sources. The best available signal is negative evidence: Docker Scout reports `Exploits found: -`, and Redis/GitHub advisories do not link a PoC. Sources: Docker Scout, GitHub advisory.
EPSS	0.00267 (~0.27%), roughly 50th percentile from the surfaced EPSS mirrors, which is low for a bug with this headline impact. Sources: Docker Scout, Snyk.
CVSS and what it really means	NVD shows CVSS v3.1 8.8 HIGH (`AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`) while the GitHub CNA CVSS v4 base is 7.7 HIGH with `AC:H`. The delta matters: the v3 vector underrates the real exploit friction introduced by post-auth access plus dangerous-command permission plus module presence. Sources: NVD, GitHub advisory.
Attack prerequisites	Primary-source prerequisites are explicit: RedisTimeSeries loaded, attacker authenticated, and permission to execute `RESTORE`. That is a materially narrower path than a generic network RCE. Source: GitHub advisory.
Affected versions	NVD describes the vulnerable module range as all versions before `1.12.14`. Redis separately states impacted product lines include all Redis OSS/CE releases until the fixed builds listed in its advisory, because the vulnerable module path ships inside those product releases. Sources: NVD, Redis advisory.
Fixed versions	Redis lists fixed module branches as RedisTimeSeries `1.12.14`, `1.10.24`, and `1.8.23`. It also lists fixed product releases: OSS/CE `6.2.22`, `7.2.14`, `7.4.9`, `8.2.6`, `8.4.3`, `8.6.3` and Redis Software `8.0.10-64`, `7.22.2-79`, `7.8.6-253`, `7.4.6-279`, `7.2.4-153`. Source: Redis advisory.
Downstream/backport posture	Ubuntu tracks this as Medium and shows multiple releases still at Needs evaluation, which means distro consumers cannot assume instant downstream coverage. Bitnami also maps impacted Redis image ranges and fix version `8.2.6` for its container stream. Sources: Ubuntu CVE page, Docker Scout / Bitnami.
Exposure data	There is no strong internet-scale fingerprint in the reviewed sources for RedisTimeSeries specifically, which itself is a friction point for attackers and scanners. As a rough exposure backdrop, Censys previously observed 350,675 internet-accessible Redis services and 39,405 unauthenticated ones; that supports caution on Redis exposure generally, but inferring RedisTimeSeries population from it is only an approximation. Source: Censys exposed Redis analysis.
Disclosure and credit	Published 2026-05-05. Redis credits Team Skateboarding Dog (Joseph Surin, John Stephenson, and Annie Nie) and says the issue was identified during Wiz ZeroDay.Cloud activity. Source: Redis advisory.

04 · The Call

noisgate verdict.

Final Verdict

↓ DOWNGRADED to MEDIUM (6.3/10)

The decisive factor is that this is not initial-access friendly: exploitation requires authenticated Redis access plus permission to run RESTORE, and that combination sharply narrows who can realistically hit it. Impact is unquestionably serious if triggered, but the reachable population is much smaller than the vendor's network-RCE framing suggests.

HIGH Vulnerability facts, prerequisites, and fixed versions from Redis/GitHub/NVD

MEDIUM Real-world exposure population for RedisTimeSeries specifically

MEDIUM Exploit availability assessment based on absence of public PoC in reviewed sources

Why this verdict

Start from 8.8 HIGH, then subtract for post-auth reality: the attacker must already hold valid Redis access, which usually means stolen creds, app compromise, or insider misuse rather than clean-sheet internet exploitation.
Subtract again for command-level privilege: needing RESTORE permission is not cosmetic; mature Redis ACLs often deny risky import/admin commands to application users, and the vendor workaround exists precisely because this breaks the chain.
Subtract again for module gating and population narrowing: only Redis servers with RedisTimeSeries loaded are in scope, and RedisTimeSeries is a subset of Redis deployments; Redis Cloud is already fixed and generic Redis scan counts overstate this module's reachable population.
Subtract for current threat intel: no KEV listing, no vendor-confirmed exploitation, no authoritative public PoC in reviewed sources, and a low EPSS all argue against treating this as emergency-wide incident response.
Keep it above LOW because the impact is still ugly: if an attacker already sits in the right seat, this can become code execution in the Redis process and lead to data theft, tampering, or service loss.

Why not higher?

A higher rating would fit an unauthenticated or broadly reachable exploit path. This one is gated by authentication, by a dangerous command privilege, and by the presence of a specific optional module, so it behaves like a post-compromise amplifier rather than a universal external break-in. The lack of active exploitation evidence and low EPSS reinforce the downgrade.

Why not lower?

This is still memory corruption with plausible RCE in a high-value data service. Once an attacker has the needed access, the impact ceiling is full compromise of the Redis process, so writing it off as hygiene would understate the consequence.

05 · Compensating Control

What to do — in priority order.

Deny RESTORE to app identities — Use Redis ACLs to remove RESTORE from every service account that does not explicitly need import/restore workflows. For a MEDIUM noisgate verdict there is no mitigation SLA, so treat this as immediate hardening work while you schedule patching inside the 365-day remediation window.
Fence Redis behind trusted networks only — Restrict source IPs and service-to-service paths so only known application tiers and admin jump points can reach Redis. This reduces the odds that stolen cloud creds, developer laptops, or adjacent workloads can reach the vulnerable code path; again, there is no mitigation SLA for MEDIUM, but this is worth doing now because it cuts exposure for more than this CVE.
Inventory Redis modules explicitly — Update your CMDB, discovery jobs, or config scans to record whether RedisTimeSeries is loaded and which branch it is on. That lets you avoid wasting cycles on plain Redis nodes that are not affected and focus remediation within the 365-day window on the systems that actually carry the module.
Alert on RESTORE usage — Create detections for RESTORE execution by non-admin identities and for any sudden spike in data-import style commands. This will not fix the bug, but it is a strong tripwire for attempted exploitation and high-risk misuse while you work through remediation.

What doesn't work

Relying on Redis authentication alone does not help, because the vulnerability is explicitly reachable by an authenticated user.
Patching only the core redis-server package while leaving an old RedisTimeSeries module in place does not solve the module bug.
An HTTP WAF is irrelevant for native Redis/RESP traffic on port 6379 and will not inspect the payloads that matter here.
Generic unauthenticated network scans will miss the decisive question: whether RedisTimeSeries is loaded and on a vulnerable branch.

06 · Verification

Crowdsourced verification payload.

Run this from an auditor workstation or admin jump host that can reach the Redis service, or directly on the target host if that's easier. Invoke it as ./check_redistimeseries_cve_2026_25588.sh 10.0.12.34 6379 'SuperSecret'; it needs redis-cli installed and a Redis credential allowed to run MODULE LIST.

noisgate-verify.sh

BASHREAD-ONLYSAFE

#!/usr/bin/env bash
# check_redistimeseries_cve_2026_25588.sh
# Exit codes:
#   0 = PATCHED / not affected
#   1 = VULNERABLE
#   2 = UNKNOWN / error

set -u

HOST="${1:-127.0.0.1}"
PORT="${2:-6379}"
PASS="${3:-}"

if ! command -v redis-cli >/dev/null 2>&1; then
  echo "UNKNOWN - redis-cli not found"
  exit 2
fi

REDIS_CMD=(redis-cli -h "$HOST" -p "$PORT" --raw)
if [ -n "$PASS" ]; then
  REDIS_CMD+=( -a "$PASS" )
fi

OUTPUT="$(${REDIS_CMD[@]} MODULE LIST 2>&1)"
RC=$?
if [ $RC -ne 0 ]; then
  echo "UNKNOWN - failed to query Redis: $OUTPUT"
  exit 2
fi

if echo "$OUTPUT" | grep -qiE 'NOAUTH|WRONGPASS|AUTH failed|DENIED'; then
  echo "UNKNOWN - authentication/authorization failed for MODULE LIST"
  exit 2
fi

if [ -z "$OUTPUT" ]; then
  echo "UNKNOWN - empty response from MODULE LIST"
  exit 2
fi

# Parse raw MODULE LIST output. In --raw mode it is typically key/value lines per module.
current_name=""
current_ver=""
found_name=""
found_ver=""
expect=""

while IFS= read -r line; do
  case "$line" in
    name)
      expect="name"
      ;;
    ver)
      expect="ver"
      ;;
    *)
      if [ "$expect" = "name" ]; then
        current_name="$line"
        expect=""
      elif [ "$expect" = "ver" ]; then
        current_ver="$line"
        expect=""
        case "$current_name" in
          timeseries|RedisTimeSeries|redistimeseries)
            found_name="$current_name"
            found_ver="$current_ver"
            ;;
        esac
      fi
      ;;
  esac
done <<< "$OUTPUT"

if [ -z "$found_name" ]; then
  echo "PATCHED - RedisTimeSeries module not loaded on this Redis instance"
  exit 0
fi

if ! [[ "$found_ver" =~ ^[0-9]+$ ]]; then
  echo "UNKNOWN - could not parse RedisTimeSeries module version: $found_ver"
  exit 2
fi

# Redis modules often encode semver as integer, e.g. 1.12.14 -> 11214.
# Vendor fixed branches cited by Redis: 1.12.14, 1.10.24, 1.8.23.
ver="$found_ver"

is_patched=1
if [ "$ver" -ge 11214 ]; then
  is_patched=0
elif [ "$ver" -ge 11024 ] && [ "$ver" -lt 11100 ]; then
  is_patched=0
elif [ "$ver" -ge 10823 ] && [ "$ver" -lt 10900 ]; then
  is_patched=0
fi

if [ $is_patched -eq 0 ]; then
  echo "PATCHED - RedisTimeSeries module version integer $ver is on a cited fixed branch"
  exit 0
fi

echo "VULNERABLE - RedisTimeSeries module version integer $ver is below cited fixed branches (1.12.14 / 1.10.24 / 1.8.23)"
exit 1

07 · Bottom Line

If you remember one thing.

TL;DR

Monday morning, do not treat this like an internet-scale emergency, but do not leave it floating either: inventory every Redis node that actually loads RedisTimeSeries, remove RESTORE from non-admin identities where possible, and queue the affected module/product branches for normal patch execution. For a MEDIUM verdict, there is no noisgate mitigation SLA — go straight to the 365-day remediation window; in practice that means use ACL/network hardening now as sensible hygiene, then complete the actual vendor upgrade within the noisgate remediation SLA of 365 days unless your environment knowingly exposes Redis to untrusted users, in which case you should accelerate locally based on exposure.

Sources

Peer Review

What defenders are saying.

Submit a review attribution: handle + country only

0 flags selected · stored anonymously

Validation Results

Crowdsourced verification outputs.

Results submitted by users who ran the verification payload against their environment.