A critical remote code execution (RCE) vulnerability in Redis, identified as CVE-2026-23479, has been discovered by an autonomous AI tool designed to detect bugs in extensive codebases. This flaw, present since the release of Redis 7.2.0, remained unnoticed for over two years until its recent patch on May 5, 2026.
The vulnerability stems from a use-after-free error in the blocking-client code, allowing authenticated users to execute arbitrary operating system commands on the host machine. The issue resides in the unblockClientOnKey() function within src/blocked.c. This function, triggered when a key event awakens a blocked command, calls processCommandAndResetClient(), which can free the client as a side effect. Subsequent operations on the now-freed client pointer lead to the use-after-free condition.
Exploitation of this flaw involves a multi-step process:
- Leaking a heap address using a Lua script.
- Manipulating client memory limits and utilizing stream commands to free a client and replace it with a crafted structure.
- Overwriting a function pointer via Redis’s memory accounting mechanisms to redirect execution flow.
Notably, the official Redis Docker image facilitates this exploitation due to its partial RELRO configuration, leaving the Global Offset Table writable at runtime. This configuration allows attackers to redirect function calls to execute arbitrary commands.
While the exploit requires an authenticated session with specific privileges, many Redis deployments operate without password protection, making them susceptible. The default user often possesses the necessary privileges, increasing the risk of exploitation.
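One way to check for the exposure described above, as an added example that is not from the original article or the Redis project: a Python audit of `ACL LIST` output that flags enabled accounts with no password and broad command grants. The sample lines are constructed, and the set of risky categories is an assumption inferred from the exploitation steps listed earlier.

```python
# Added example (not Redis project code): flag enabled, passwordless accounts
# in `ACL LIST` output that hold broad command categories. Assumption: RISKY is
# inferred from the steps this article lists (Lua scripting, client memory
# limits, stream commands); the advisory's exact set is not on this page.
RISKY = {"scripting", "admin", "dangerous", "stream", "blocking"}

# Constructed sample lines in `ACL LIST` format, not from a real server.
SAMPLE = [
    "user default on nopass sanitize-payload ~* &* +@all",
    "user app on #<sha256-placeholder> ~app:* -@all +@read +@stream",
    "user legacy on nopass ~* &* +@all -@dangerous -@scripting",
    "user metrics off nopass ~* -@all +@admin",
]


def parse_acl_line(line):
    """Parse one line; category rules apply left to right, as in Redis.
    Per-command rules are not modelled, so this errs toward reporting."""
    tokens = line.split()
    if len(tokens) < 2 or tokens[0] != "user":
        raise ValueError(f"not an ACL LIST line: {line!r}")
    user = {"name": tokens[1], "enabled": False, "nopass": False}
    granted = set()
    for tok in tokens[2:]:
        if tok in ("on", "off"):
            user["enabled"] = tok == "on"
        elif tok == "nopass":
            user["nopass"] = True
        elif tok.startswith(("#", ">")):
            user["nopass"] = False  # a password or its hash is set
        elif tok in ("+@all", "allcommands"):
            granted = set(RISKY)
        elif tok in ("-@all", "nocommands"):
            granted = set()
        elif tok.startswith("+@") and tok[2:] in RISKY:
            granted.add(tok[2:])
        elif tok.startswith("-@"):
            granted.discard(tok[2:])
    user["risky"] = granted
    return user


def audit(acl_lines):
    """Return (name, sorted risky categories) per enabled nopass user."""
    users = [parse_acl_line(line) for line in acl_lines]
    return [(u["name"], sorted(u["risky"])) for u in users
            if u["enabled"] and u["nopass"] and u["risky"]]
```

Feed `audit()` the lines returned by `ACL LIST` on each instance; any result for the default user means the instance accepts unauthenticated sessions with those categories.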
Redis has addressed this vulnerability in its latest release and urges users to update their installations promptly. The discovery underscores the effectiveness of AI-driven tools in identifying complex security flaws that may evade traditional detection methods.
As AI continues to evolve, its role in cybersecurity becomes increasingly significant. The ability of autonomous systems to analyze vast codebases and uncover latent vulnerabilities highlights a promising direction for proactive security measures. Organizations should consider integrating such AI tools into their development and security workflows to enhance their defense mechanisms.
Source: The Hacker News