Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Redis: Unpatched Security Flaws in valkey Package
CLEANSTART-2026-CQ83284
Summary
A third-party package used by Redis, called valkey, contains security vulnerabilities that could allow attackers to access sensitive data or disrupt Redis operations. This affects any system using Redis and the valkey package. Users should update to the latest version of Redis and ensure the valkey package is updated to a secure version.
What to do
- Update valkey to version 7.2.7-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | valkey | <= 7.2.7-r0 | 7.2.7-r0 |
Original title
Redis is an open source, in-memory database that persists on disk
Original description
Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details.
osv CVSS3.1
9.8
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
- https://osv.dev/vulnerability/CVE-2024-31227 URL
- https://osv.dev/vulnerability/CVE-2024-31228 URL
- https://osv.dev/vulnerability/CVE-2024-31449 URL
- https://nvd.nist.gov/vuln/detail/CVE-2024-31227 URL
- https://nvd.nist.gov/vuln/detail/CVE-2024-31228 URL
- https://nvd.nist.gov/vuln/detail/CVE-2024-31449 URL
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026