[Notice] Multiple vulnerabilities (including CVE-2025-46817) in Redis - Tair (Redis® OSS-Compatible)

Multiple security vulnerabilities have recently been discovered in Redis, including CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, and CVE-2025-49844. Tair (Redis OSS-compatible) has released patches for Redis Open-Source Edition and Tair to address these issues. We recommend you update your instances to the latest minor version as soon as possible to mitigate these vulnerabilities.

Vulnerabilities

Suggestions

To protect your instances, upgrade the instance minor version to one of the following versions, or to the latest available version. For more information, see Update the minor version of an instance.

Redis Open-Source Edition 7.0: 7.0.2.4 or later.
Redis Open-Source Edition 6.0: 6.0.2.24 or later.
Redis Open-Source Edition 5.0: 5.2.24 or later.
Redis Open-Source Edition 4.0: 1.9.19 or later.
Tair Memory-Optimized (Redis 7.0-compatible): 25.10.1.0 or later.
Tair Memory-Optimized (Redis 6.0-compatible): 25.10.1.0 or later.
Tair Memory-Optimized (Redis 5.0-compatible): 25.10.1.0, 5.0.67, or later.
Tair Persistent Memory-Optimized: Version 1.2.7.2 or later.

Note

The open-source Redis community has provided vulnerability fixes only for Redis version 6.2 or later. If you use a self-managed Redis database that is built on open-source code, we recommend upgrading the minor version to 6.2.16 or later as soon as possible to avoid potential losses due to these vulnerabilities.

Tair (Redis® OSS-Compatible):[Notice] Multiple vulnerabilities (including CVE-2025-46817) in Redis

Vulnerabilities

Suggestions

References