Browse all 4 CVE security advisories affecting RedisBloom. AI-powered Chinese analysis, POCs, and references for each vulnerability.
RedisBloom is a Redis module providing probabilistic data structures for scalable applications, commonly used in caching, search, and real-time analytics. Historically, it has been susceptible to remote code execution (RCE) and denial-of-service vulnerabilities, often stemming from unsafe deserialization or buffer overflows in command processing. While no major public incidents are documented, its four CVEs highlight risks in input validation and memory handling. Security teams should enforce strict access controls, sanitize inputs, and maintain updated versions to mitigate exploitation risks, as Redis modules like this can expand attack surfaces when deployed without hardening.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25589 | RedisBloom RESTORE invalid memory access may allow remote code execution — RedisBloomCWE-122 | 8.8 | - | 2026-05-05 |
| CVE-2024-55656 | RedisBloom Integer Overflow Remote Code Execution Vulnerability — RedisBloomCWE-190 | 8.8 | High | 2025-01-08 |
| CVE-2024-25116 | Specially crafted CF.RESERVE command can lead to denial-of-service — RedisBloomCWE-20 | 5.5 | Medium | 2024-04-09 |
| CVE-2024-25115 | RedisBloom heap buffer overflow in CF.LOADCHUNK command — RedisBloomCWE-122 | 7.0 | High | 2024-04-09 |
This page lists every published CVE security advisory associated with RedisBloom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.