Redis use-after-free→GOT-overwrite RCE; public PoC chain, 85% cloud Redis passwordless
cve · CVE-2026-23479
Coverage timeline
1
first 2026-06-05 → last 2026-06-05
Briefs
1
1 distinct
Sources cited
25
17 hosts
Sections touched
1
deep_dive
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-05CTI Daily Brief — 2026-06-05
Where this entity is cited
- deep_dive1
Source distribution
- nvd.nist.gov5 (20%)
- thehackernews.com4 (16%)
- attack.mitre.org2 (8%)
- bleepingcomputer.com1 (4%)
- blog.litespeedtech.com1 (4%)
- checkmarx.com1 (4%)
- github.com1 (4%)
- isc.sans.edu1 (4%)
- other9 (36%)
External references
All cited sources (25)
- zeroday.cloudprimaryinlineZeroDay.Cloud, 2026-06-02https://www.zeroday.cloud/blog/redis-cve-2026-23479-deep-dive
- attack.mitre.orginline`T1059`https://attack.mitre.org/techniques/T1059/
- attack.mitre.orginline`T1203`https://attack.mitre.org/techniques/T1203/
- bleepingcomputer.cominlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/california-ag-sues-23andme-over-2023-breach-exposing-health-data/
- blog.litespeedtech.cominlineLiteSpeed, 2026-05-21https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/
- checkmarx.cominlineCheckmarx, 2026-05-12https://checkmarx.com/blog/ongoing-security-updates/
- github.cominlineGitHub Advisory GHSA-fxrh-cwjh-m33v, 2026-05-21https://github.com/advisories/GHSA-fxrh-cwjh-m33v
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-18https://isc.sans.edu/diary/rss/32994
- microsoft.cominlineMicrosoft Security Blog, 2026-05-26https://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities/
- nvd.nist.govinlineCVE-2025-29927https://nvd.nist.gov/vuln/detail/CVE-2025-29927
- nvd.nist.govinlineCVE-2025-48703https://nvd.nist.gov/vuln/detail/CVE-2025-48703
- nvd.nist.govinlineCVE-2025-55182https://nvd.nist.gov/vuln/detail/CVE-2025-55182
- nvd.nist.govinlineCVE-2025-9501https://nvd.nist.gov/vuln/detail/CVE-2025-9501
- nvd.nist.govinlineCVE-2026-1357https://nvd.nist.gov/vuln/detail/CVE-2026-1357
- oag.ca.govinlineCalifornia OAG, 2026-05-28https://oag.ca.gov/news/press-releases/attorney-general-bonta-sues-chrome-holding-co-formerly-known-23andme-over-2023
- ox.securityinlineOX Security, 2026-05-17https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/
- redis.ioinlineRedis, 2026-05-05https://redis.io/blog/security-advisory-cve202623479-cve202625243-cve-2026-25588-cve202625589-cve-2026-23631/
- securityweek.cominlineSecurityWeek, 2026-05-08https://www.securityweek.com/pcpjack-worm-removes-teampcp-infections-steals-credentials/
- sentinelone.cominlineSentinelLabs, 2026-05-07https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/
- thehackernews.cominlineThe Hacker News, 2026-06-03https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/ai-chatbot-recommendations-redirect.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/four-malicious-npm-packages-deliver.html
- thehackernews.cominlineThe Hacker News, 2026-05-07https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html
- theregister.cominlineThe Register, 2026-05-29https://www.theregister.com/legal/2026/05/29/rob-bonta-sues-23andmes-new-owners-over-2023-breach/5248565
- volexity.cominlineVolexity, 2026-06-04https://www.volexity.com/blog/2026/06/04/verdantbamboo-just-another-brickstorm-in-the-firewall/
Items in briefs about Redis use-after-free→GOT-overwrite RCE; public PoC chain, 85% cloud Redis passwordless
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.