Autonomous AI Uncovers Critical Two-Year-Old RCE Vulnerability in Redis
An autonomous artificial intelligence tool has identified a critical remote code execution (RCE) vulnerability in Redis, a widely used open-source in-memory data structure store. The flaw, designated CVE-2026-23479, went undetected for over two years and affects all stable Redis versions from 7.2.0 until the patch released on May 5, 2026.
Discovery and Technical Details
The vulnerability resides in the `unblockClientOnKey()` function within Redis’s `blocked.c` source file. This function runs when a key event wakes a blocked command, and it dispatches the queued command through `processCommandAndResetClient()`. That call can free the client as a side effect, and `unblockClientOnKey()` goes on to access the client afterwards, which is a use-after-free (CWE-416).
The flaw emerged from two specific code commits:
1. January 2023 Refactor (PR #11012): Introduced the unchecked call to `processCommandAndResetClient()`.
2. March 2023 Update (PR #11568): Added further client access post-call.
Individually, these commits were harmless, but their combination in Redis 7.2.0 created the vulnerability, which persisted through multiple security reviews.
Exploitation Mechanism
The exploitation process involves a three-stage attack:
1. Heap Address Leak: Executing a simple Lua script (`EVAL return tostring(redis.call) 0`) reveals a heap pointer.
2. Memory Manipulation: The attacker adjusts client memory limits, positions a bloated client on a stream, then resets the limits and activates it. This sequence causes Redis to free the blocked client mid-call, allowing a pipelined `SET` command to reclaim the freed memory with a counterfeit client structure.
3. Function Pointer Overwrite: Redis’s memory accounting function, `updateClientMemoryUsage()`, performs an out-of-bounds decrement using attacker-controlled fields. This action targets the Global Offset Table (GOT), redirecting the `strcasecmp()` function to `system()`. Consequently, the next command parsed by Redis executes as a shell command.
Notably, the official Redis Docker image facilitates this exploitation due to its partial RELRO (Relocation Read-Only) configuration, leaving the GOT writable at runtime. Address Space Layout Randomization (ASLR) and Position Independent Executable (PIE) do not mitigate this issue, as the write operation is relative to a global variable with a fixed offset determined at build time.
Authentication and Privileges
Exploiting this vulnerability requires an authenticated session with specific privileges, including `CONFIG SET`, `EVAL`, stream commands (`XREAD`/`XADD`), and basic `SET`/`GET` operations. These correspond to the `@admin`, `@scripting`, `@stream`, and `@read`/`@write` Access Control List (ACL) categories. In default Redis configurations, the default user possesses all these privileges, and many deployments operate without password protection, significantly increasing the risk of exploitation.
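The privilege set described above can be checked against a server's `ACL LIST` output. The following Python audit is an added example, not code from Redis or from the researchers; the command-to-category map, the function names and the sample lines are assumptions made for this illustration.

```python
# Flags enabled ACL users able to run every command the article lists.
# Assumptions: the command-to-category map below (six commands only) and the
# function names are this example's own; ACL selectors "(...)" are ignored.
REQUIRED = {
    "config": {"admin", "slow", "dangerous"},  # stands for CONFIG SET
    "eval": {"scripting", "slow"},
    "xread": {"stream", "read", "slow", "blocking"},
    "xadd": {"stream", "write", "fast"},
    "set": {"string", "write", "slow"},
    "get": {"string", "read", "fast"},
}

def allowed_commands(rules):
    """Apply ACL command rules left to right; later rules override earlier."""
    allowed = set()
    for low in (r.lower() for r in rules):
        if low in ("+@all", "allcommands"):
            allowed = set(REQUIRED)
        elif low in ("-@all", "nocommands"):
            allowed = set()
        elif low[:2] in ("+@", "-@"):
            hit = {c for c, cats in REQUIRED.items() if low[2:] in cats}
            allowed = allowed | hit if low[0] == "+" else allowed - hit
        elif low[:1] in ("+", "-"):
            cmd, _, sub = low[1:].partition("|")
            if cmd in REQUIRED and (cmd != "config" or sub in ("", "set")):
                (allowed.add if low[0] == "+" else allowed.discard)(cmd)
    return allowed

def audit(acl_list_lines):
    """Return {user: password note} for enabled users holding all six."""
    findings = {}
    for tok in (line.split() for line in acl_list_lines):
        if len(tok) < 3 or tok[0] != "user" or "on" not in tok[2:]:
            continue
        if allowed_commands(tok[2:]) == set(REQUIRED):
            findings[tok[1]] = "no password" if "nopass" in tok[2:] else "password set"
    return findings

# Constructed sample in ACL LIST output format (not from a real server).
SAMPLE = [
    "user default on nopass ~* &* +@all",
    "user app on #<hash-placeholder> ~app:* resetchannels -@all +get +set +xadd +xread",
    "user ops on #<hash-placeholder> ~* &* +@all -@scripting",
    "user legacy off nopass ~* &* +@all",
]

if __name__ == "__main__":
    print(audit(SAMPLE))  # users to review first
```

Users reported with "no password" match the exposure the article describes; removing any one of the listed categories from an account takes it out of the result.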
Discovery by Autonomous AI
The vulnerability was uncovered by Team Xint Code, an autonomous AI security tool designed to analyze extensive codebases for potential flaws. The team demonstrated a working RCE exploit at the ZeroDay.Cloud 2025 hacking competition in London last December. This discovery underscores the growing role of AI in cybersecurity, particularly in identifying and mitigating vulnerabilities that may elude traditional detection methods.
Implications and Recommendations
Redis’s widespread use in cloud environments amplifies the severity of this vulnerability. An analysis by cloud security firm Wiz indicates that Redis is present in a significant majority of cloud infrastructures, with many instances lacking password protection. On such instances an attacker needs no credentials: any client that can reach the server connects as the default user, which holds the required privileges, posing a substantial threat to data integrity and system security.
Redis has addressed this issue in its latest release, and users are strongly advised to update their installations promptly. Additionally, implementing robust authentication mechanisms and reviewing access controls can further mitigate potential risks.
Conclusion
The identification of CVE-2026-23479 by an autonomous AI tool highlights the evolving landscape of cybersecurity, where artificial intelligence plays a pivotal role in uncovering and addressing complex vulnerabilities. As cyber threats become increasingly sophisticated, integrating AI-driven solutions into security protocols will be essential for proactive defense strategies.