CVE-2026-23479 | Redis up to 8.6.2 Data Structure processCommandAndResetClient use after free

A vulnerability, which was classified as critical, has been found in Redis up to 8.6.2. Impacted is the function processCommandAndResetClient of the component Data Structure Handler. This manipulation causes use after free.

This vulnerability is handled as CVE-2026-23479. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More