Redis Security Update Advisory (CVE-2025-49844)
Overview
We have released a security update to address a vulnerability in Redis. Users of affected products are advised to update to the latest version.
Affected Products
CVE-2025-49844
Redis version: 6.2.20 and earlier
Redis version: 7.0 or later but less than 7.2.11
Redis version: 7.4.0 or later but less than 7.4.6
Redis version: 8.0.0 or later but less than 8.0.4
Redis version: 8.2.0 or later but less than 8.2.2
Resolved Vulnerabilities
Lua use-after-free vulnerability in Redis that may lead to remote code execution (CVE-2025-49844)
Vulnerability Patches
Patches for this vulnerability are available in the latest updates. Please follow the instructions on the referenced sites to update to the latest patched version.
CVE-2025-49844
Redis version: 6.2.20 and later
Redis version: 7.2.11 and later
Redis version: 7.4.6 or later
Redis version: 8.0.4 and later
Redis version: 8.2.2 or later
References
[1] CVE-2025-49844
https://github.com/redis/redis/releases
[2] Lua Use-After-Free may lead to remote code execution
https://github.com/redis/redis/security/advisories/GHSA-4789-qfc9-5f9q