CVE-2025-46686 Information
Jul 24, 2025
cve
Description
Redis through 7.4.3 allows memory consumption via a multi-bulk command composed of many bulks sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk even when the command is skipped because of insufficient permissions.
Reference
https://github.com/io-no/CVE-Reports/issues/1 https://github.com/redis/redis
Related CNNVD
CNNVD-202507-3040 (Published: 2025-07-23)
Share on: