CVE-2025-26268

Published April 17th, 2025

View on NVD ↗

CVSS v3

3.3

LOW

CVSS v2

N/A

Affected

PROJECT

Description

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.

dragonflydb/dragonfly

A modern replacement for Redis and Memcached

GitHub

30.6K