{"vulnerability": "cve-2026-2347", "sightings": [{"uuid": "958d39d8-ae2a-4b1d-b644-2c91c053553b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23477", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mcfsmponb52u", "content": "", "creation_timestamp": "2026-01-14T19:30:52.513205Z"}, {"uuid": "ca41d828-3281-431a-a894-9ad07f45d852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23478", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mcgipjebcv2p", "content": "", "creation_timestamp": "2026-01-15T02:06:08.433265Z"}, {"uuid": "57a7228a-4639-43f3-9ba1-7acbf69e14c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23478", "type": "seen", "source": "https://bsky.app/profile/cyberdudebivash.bsky.social/post/3mcgnl6wnk22q", "content": "", "creation_timestamp": "2026-01-15T03:33:16.031463Z"}, {"uuid": "29924f86-b258-4ba0-b810-778a5c3b5ec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23477", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcfukkivbt2o", "content": "", "creation_timestamp": "2026-01-14T20:05:27.016966Z"}, {"uuid": "50acc356-7760-4a5a-ae16-2ca863dd23b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3ml53nebovc2j", "content": "redis 8.2.6 patches CVE-2026-23479\nFixes three RCE vulnerabilities caused by memory-safety bugs.\nUpgrade carefully.\n\n\u2192 releaseport.com/r/redis-redis/8-2-6", "creation_timestamp": "2026-05-05T21:05:05.473977Z"}, {"uuid": "1fd0c6da-39bc-43bc-831a-2b321d01d6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23478", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mchjxkdx3t2o", "content": "", "creation_timestamp": "2026-01-15T12:01:11.165580Z"}, {"uuid": "d5fb1697-35ab-466e-94e7-54e825a23025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3ml624qsjgu2j", "content": "valkey 9.0.4 patches CVE-2026-23479\nMemory safety bugs in client blocking, data restoration, and Lua execution fixed.\nUpgrade carefully.\n\n\u2192 releaseport.com/r/valkey-io-valkey/9-0-4", "creation_timestamp": "2026-05-06T06:10:33.349807Z"}, {"uuid": "d4a86a43-55aa-47cf-8ba5-fbd52c65a41a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3ml5fsrua3j23", "content": "redis 8.4.3 patches CVE-2026-23479\nPatches three critical RCE vulnerabilities in client, RESTORE, and Lua operations.\nUpgrade carefully.\n\n\u2192 releaseport.com/r/redis-redis/8-4-3", "creation_timestamp": "2026-05-06T00:07:05.417593Z"}, {"uuid": "5fbb94f2-960a-4238-bf67-8e119cda107a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23474", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}, {"uuid": "7f0e5740-5689-424a-ad3f-ce4d644fb436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23475", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}, {"uuid": "53beba6d-3c36-4648-aaba-0c0a95876019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/releaseport.com/post/3ml5pnlpxo32s", "content": "redis 8.6.3 patches CVE-2026-23479\nMultiple RCE vulnerabilities across client handling, data restore, and scripting.\nUpgrade carefully.\n\n\u2192 releaseport.com/r/redis-redis/8-6-3", "creation_timestamp": "2026-05-06T03:03:07.184230Z"}, {"uuid": "5e5ff60d-f7ff-4445-b119-621019cdd444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-redis", "content": "", "creation_timestamp": "2026-05-07T05:34:51.000000Z"}, {"uuid": "5da0cadf-7b82-446b-891e-b374e2aa85ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3ml6wd7neux2u", "content": "\ud83d\udd17 CVE : CVE-2026-23479, CVE-2026-23631, CVE-2026-25243", "creation_timestamp": "2026-05-06T14:35:15.032686Z"}, {"uuid": "fcbdc318-df67-4bbf-a388-5678cc684b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://t.me/bdufstecru/3148", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 processCommandAndResetClient() \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 (\u0421\u0423\u0411\u0414) Redis \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434\n\nBDU:2026-06444\nCVE-2026-23479\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/redis/redis/releases/tag/8.6.3", "creation_timestamp": "2026-05-12T14:11:34.000000Z"}, {"uuid": "ee648dac-ca84-44cd-ad4f-96ee3cf4a3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/xint-io.bsky.social/post/3mlbyiej4ks2a", "content": "CVE-2026-23479 was one of the high severity bugs we found when we won at Wiz's ZeroDay Cloud competition. Be on the lookout soon for the technical deep dive on ZDC blog \n\nredis.io/blog/securit...", "creation_timestamp": "2026-05-07T19:51:58.300232Z"}, {"uuid": "769e2c00-3a47-4b70-9f56-4e0703e9cf10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/xint-io.bsky.social/post/3mlbyigdiq22a", "content": "CVE-2026-23479 was one of the high severity bugs we found when we won at Wiz's ZeroDay Cloud competition. Be on the lookout soon for the technical deep dive on ZDC blog \n\nredis.io/blog/securit...", "creation_timestamp": "2026-05-07T19:51:58.846264Z"}, {"uuid": "78197e7a-05e1-4faf-a16e-ce6d910146a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/redis-products-multiple-vulnerabilities_20260508", "content": "", "creation_timestamp": "2026-05-07T20:00:00.000000Z"}, {"uuid": "cb4da059-3626-4a6c-bf4f-ac570d6aef2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23470", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "dc565f85-be9e-4566-8d67-e5c9957aeb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23472", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "0dfe9cf0-60ec-4258-9b2d-77bc1c531618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2347", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlslusj2hc2n", "content": "\ud83d\udd34 CVE-2026-2347 - Critical (9.8)\n\nAuthorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Techno...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-2347/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-14T10:21:28.801619Z"}, {"uuid": "289c34f0-b3af-45cf-bf17-9a8ec392b746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-2347", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116572463385163397", "content": "\ud83d\udea8 CVE-2026-2347 \u2014 CRITICAL auth bypass in Akilli Commerce E-Commerce Website <4.5.001 via user-controlled key. Session hijack risk. No patch yet \u2014 restrict access, monitor sessions. https://radar.offseq.com/threat/cve-2026-2347-cwe-639-authorization-bypass-through-fe0b7401 #OffSeq #CVE20262347 #infosec #websecurity", "creation_timestamp": "2026-05-14T10:30:31.233511Z"}, {"uuid": "a0a7685f-8218-4e06-9552-b0347d3b4f49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-2347", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlsmeylggc2y", "content": "CRITICAL: Akilli Commerce E-Commerce Website <4.5.001 vulnerable to auth bypass (CVE-2026-2347). Session hijack risk \u2014 no patch yet. Restrict access & monitor activity. https://radar.offseq.com/threat/cve-2026-2347-cwe-639-authorization-bypass-through-fe0b7401 #OffSeq #CVE20262347 #security", "creation_timestamp": "2026-05-14T10:30:32.032182Z"}, {"uuid": "b742d3c3-a3c1-4a6f-b583-441293e1424e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23475", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "88d96c6b-8ba2-499b-88ee-79a3ff427e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23474", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "f8cc247c-d737-411e-80f3-f6b4f7d80571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23473", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260601", "content": "", "creation_timestamp": "2026-05-31T20:00:00.000000Z"}, {"uuid": "44239056-5133-4143-9f1e-e1450e30326f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mnfcq5xosma2", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) TheHackerNews Redis CVE-2026-23479 enables authenticated RCE; affecting versions since 7.2.0, patched May 5 to reduce exploita...\n\n#Security #News\n\nOrigin | Interest | Match", "creation_timestamp": "2026-06-03T14:23:44.288148Z"}, {"uuid": "246c3d65-576d-4cf6-8173-9d1abdc3479c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/hapsis.bsky.social/post/3mnfgosrm7227", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)\n\nthehackernews.com/2026/06/auto...\n\n#Cybersecurity #ThreatIntel #Vulnerability", "creation_timestamp": "2026-06-03T15:34:26.884118Z"}, {"uuid": "7121311b-50d4-4577-8496-c4cf0e271a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3mnfjyf65dm2z", "content": "Redis Silent Memory Corruption Opens Door to Remote Code Execution \u2014 CVE-2026-23479 Exposes Cloud-Scale Risk Hidden for Two Years +\u00a0Video\n\nIntroduction: A Hidden Failure Inside One of the World\u2019s Most Deployed Databases CVE-2026-23479 represents one of those rare vulnerabilities that does not\u2026", "creation_timestamp": "2026-06-03T16:33:28.541520Z"}, {"uuid": "89af9224-e16d-4cc9-ab2c-f98e88d877bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/10882", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) \u2013 thehackernews.com\n\nWed, 03 Jun 2026 21:47:09", "creation_timestamp": "2026-06-04T04:03:00.000000Z"}, {"uuid": "af482a3d-f583-4c19-9359-d90a721c8a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html", "content": "Redis has  patched  a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases.\nTracked as CVE-2026-23479, the flaw was introduced in Redis 7.2.0 and remained in every stable branch until the May 5 fixes, unnoticed for over two years.", "creation_timestamp": "2026-06-03T11:47:09.000000Z"}, {"uuid": "a23e5f07-7086-45e2-9faa-29ff02424098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://t.me/cibsecurity/89604", "content": "\ud83d\udd8b\ufe0f Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) \ud83d\udd8b\ufe0f\n\nRedis has  patched  a useafterfree in its blockingclient code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built to hunt bugs in large codebases. Tracked as CVE202623479, the flaw was introduced in Redis 7.2.0 and remained in every stable branch until the May 5 fixes, unnoticed for over two years.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-06-03T20:45:25.000000Z"}, {"uuid": "04a5a337-d859-4de3-905c-79ac4ff5ba58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mnfz6ewmok2t", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)", "creation_timestamp": "2026-06-03T21:05:15.225249Z"}, {"uuid": "55216497-b44f-4b9c-ba99-4ba1dac4f4a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/cybersecurity0001.bsky.social/post/3mng2evl5iu2q", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)", "creation_timestamp": "2026-06-03T21:26:48.253087Z"}, {"uuid": "cb090080-6b64-4625-a84a-a93b5c138433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23479", "type": "seen", "source": "https://bsky.app/profile/lumetanews.bsky.social/post/3mngyisldd42z", "content": "Full analysis \u2192\n\nhttps://lumeta.news/en/autonomous-ai-discovers-rce-redis-cve-2026-23479?utm_source=bsky&utm_medium=social&utm_campaign=auto_thread\n\n#Cve202623479 #AutonomousTools #CodeAnalysis", "creation_timestamp": "2026-06-04T06:25:50.715031Z"}, {"uuid": "47de0313-cc44-47c4-a28d-9c0ff5102f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mngifzhxjp2w", "content": "\u81ea\u5f8b\u578bAI\u30c4\u30fc\u30eb\u304cRedis\u306e2\u5e74\u524d\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u8106\u5f31\u6027\uff08CVE-2026-23479\uff09\u3092\u767a\u898b \n\nAutonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)  #HackerNews (Jun 3)\n\nthehackernews.com/2026/06/auto...", "creation_timestamp": "2026-06-04T01:37:57.738603Z"}, {"uuid": "a3582b06-2504-4e61-a8d1-74b9d3d4c66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/sleepydogtsjp.bsky.social/post/3mngbaksyk22m", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479): thehackernews.com/2026/06/auto...", "creation_timestamp": "2026-06-03T23:29:44.017618Z"}, {"uuid": "9967fc50-732c-49bb-a5eb-6c7b689972ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mngd37ke672z", "content": "AI-Powered Penetration Testing: Uncovering The 2-Year-Old Redis RCE That Went Undetected (CVE-2026-23479) +\u00a0Video\n\nIntroduction: The landscape of cybersecurity is changing rapidly as autonomous AI tools are now capable of hunting for complex vulnerabilities in large codebases. A prime example is\u2026", "creation_timestamp": "2026-06-04T00:02:27.003853Z"}, {"uuid": "3a7c3a62-cbdd-4ce3-b596-8891297885d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23479", "type": "seen", "source": "https://gist.github.com/alon710/99a19d019be27796ebd7628a70079b9c", "content": "# CVE-2026-23479: CVE-2026-23479: Use-After-Free Vulnerability in Redis Blocking-Client Command Re-Execution\n\n> **CVSS Score:** 8.8\n> **Published:** 2026-05-05\n> **Full Report:** https://cvereports.com/reports/CVE-2026-23479\n\n## Summary\nCVE-2026-23479 is a critical Use-After-Free (UAF) vulnerability inside the blocking-client code path of the Redis in-memory data structure server. In affected versions from 7.2.0 until 8.6.3, the unblock client flow fails to handle an error return from processCommandAndResetClient when re-executing a previously blocked command. If a blocked client is evicted due to maxmemory limits or client eviction policies during this command processing flow, its client structure is freed. Because the caller ignores the error return and continues processing, it attempts to read and write properties on the freed client structure, leading to a Use-After-Free condition.\n\n## TL;DR\nA Use-After-Free vulnerability in Redis blocking-client flow allows authenticated attackers to execute arbitrary system commands via memory reclamation and GOT overwrite.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-416\n- **Attack Vector**: Network\n- **CVSS Score**: 8.8 (High)\n- **EPSS Score**: 0.00103\n- **Exploit Status**: poc\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Redis (redis-server) 7.2.x\n- Redis (redis-server) 7.4.x\n- Redis (redis-server) 8.2.x\n- Redis (redis-server) 8.4.x\n- Redis (redis-server) 8.6.x\n- **Redis**: 7.2.0 - 7.2.13 (Fixed in: `7.2.14`)\n- **Redis**: 7.4.0 - 7.4.8 (Fixed in: `7.4.9`)\n- **Redis**: 8.2.0 - 8.2.5 (Fixed in: `8.2.6`)\n- **Redis**: 8.4.0 - 8.4.2 (Fixed in: `8.4.3`)\n- **Redis**: 8.6.0 - 8.6.2 (Fixed in: `8.6.3`)\n\n## Mitigation\n\n- Disable or restrict the CONFIG command to block dynamic maxmemory-clients manipulation.\n- Restrict Lua scripting access using Redis ACLs to prevent heap address leakage.\n- Bind Redis exclusively to localized loopback interfaces or secure private networks.\n\n**Remediation Steps:**\n1. Identify the currently deployed Redis version.\n2. Select the appropriate patched release path (e.g., 7.2.14, 7.4.9, 8.2.6, 8.4.3, or 8.6.3).\n3. Apply the update in a staging environment to verify functionality.\n4. Deploy the patched version to production and restart the redis-server process.\n\n## References\n\n- [GitHub Security Advisory](https://github.com/redis/redis/security/advisories/GHSA-93m2-935m-8rj3)\n- [Redis Official Patch Commit](https://github.com/redis/redis/commit/c14e9925e571c3c8ecbeb8632fe834faa32175ea)\n- [Redis Version 8.6.3 Release Notes](https://github.com/redis/redis/releases/tag/8.6.3)\n- [Wiz Threat Advisory Database Entry](https://www.wiz.io/vulnerability-database/cve/cve-2026-23479)\n- [CVE.org Authority Record](https://www.cve.org/CVERecord?id=CVE-2026-23479)\n- [ZeroDay.Cloud Deep-Dive Analysis](https://www.zeroday.cloud/blog/redis-cve-2026-23479-deep-dive)\n- [Debian CVE Tracker Page](https://security-tracker.debian.org/tracker/CVE-2026-23479)\n- [Xint Code Design Announcement](https://theori.io/blog/announcing-xint-code)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-23479) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T07:10:55.000000Z"}, {"uuid": "abd34f1e-a5f0-416b-b27d-0772604bdf0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://t.me/ctinow/251283", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)\nhttps://ift.tt/kcbv8sR", "creation_timestamp": "2026-06-04T11:14:37.000000Z"}, {"uuid": "a61688dc-7e33-42f8-871b-c4e778f1fa8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3mnhq775opcy2", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html", "creation_timestamp": "2026-06-04T13:30:46.052157Z"}, {"uuid": "29be5a88-a456-434d-a08a-8e1e91fa7318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mnhsad6ryn2s", "content": "Autonomous AI tool discovers critical 2-year-old RCE vulnerability in Redis (CVE-2026-23479). Users urged to update immediately. #CyberSecurity #AI #Redis #Vulnerability Link: thedailytechfeed.com/autonomous-a...", "creation_timestamp": "2026-06-04T14:06:23.796976Z"}, {"uuid": "b52e0a7e-7b8b-400e-a8db-0c4c713dc3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mnhw2ogjq22h", "content": "Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)\n\nRedis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The flaw was found by an autonomous AI tool built t\u2026\n#hackernews #news", "creation_timestamp": "2026-06-04T15:14:50.006569Z"}, {"uuid": "3b7c6bff-50b2-4ccc-9920-2512109ed378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://t.me/GithubRedTeam/87335", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a redis-cve-2026-23479-check\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a pduggusa\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-04 20:09:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nSafe read-only version checker + Sigma rule for Redis CVE-2026-23479 (authenticated use-after-free \u2192 RCE). Find exposed instances, patch left-of-boom. By DugganUSA.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-04T21:02:45.000000Z"}, {"uuid": "19d7dc2d-0776-4404-a9ee-c254fba5b4c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnise4j3k62c", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 3.1 (Medium)\n\u2022 Affected: Redis (CVE\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-04T23:41:10.311476Z"}, {"uuid": "424353e2-4d44-4286-a7c4-77e0a4973656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3mnjahcjefy2t", "content": "The latest update for #Sentrium includes \"#Redis Use-After-Free Remote Code Execution Vulnerability (CVE-2026-23479)\" and \"How much does a penetration test cost?\".\n \n#Cybersecurity #PenTesting #infosec https://opsmtrs.com/3aPKkxS", "creation_timestamp": "2026-06-05T03:53:29.633192Z"}, {"uuid": "abe0ba55-9c63-4d3d-8749-f85b2de062bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjukwmv2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 8.8 (High)\n\u2022 Affected: Redis\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:09.342325Z"}, {"uuid": "28865793-8faf-457b-bb02-06f10a13a06d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/kotosecurity.bsky.social/post/3mnjohqbfyy2j", "content": "BREAKING: Redis CVE-2026-23479 RCE vulnerability discovered. Authenticated attackers can execute OS commands. Patch now. #CyberSecurity #InfoSec", "creation_timestamp": "2026-06-05T08:04:16.695882Z"}, {"uuid": "0328a5f5-b3f3-4be4-81ed-51ec68734461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjpi3k73u2f", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 8.8 (High)\n\u2022 Affected: Autonomous Ai Tool\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:22:22.122511Z"}, {"uuid": "40f8a7bb-f4f4-4fcb-94e3-ed1e074f12da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjrjukwmv2p", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 8.8 (High)\n\u2022 Affected: Redis\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:59:09.379034Z"}, {"uuid": "161cf530-977d-4000-80d3-2912388d24d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "Telegram/w0GkJHs0a-iOGxRnRQVAJ6txbFx-4W5StLXj-Qhn1zDpC10", "content": "", "creation_timestamp": "2026-06-05T03:00:06.000000Z"}, {"uuid": "8dda8ce8-ab65-4209-aa9e-647d2881b299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqbecrkj23", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 8.8 (High)\n\u2022 Affected: Autonomous Ai Tool\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:29.938461Z"}, {"uuid": "aaaea612-405b-412d-ae56-10a62533cc04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23479", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnjqbecrkj23", "content": "\ud83d\udea8 [CRITICAL INFRASTRUCTURE ALERT]: CVE-2026-23479\n\n\u2022 CVE ID: CVE-2026-23479\n\u2022 CVSS Score: 8.8 (High)\n\u2022 Affected: Autonomous Ai Tool\n\nhttps://securitycyber.uk", "creation_timestamp": "2026-06-05T08:36:29.944226Z"}]}