RediShell: Critical Remote Code Execution Vulnerability (CVE-2025-49844) in Redis, 10 CVSS score
Executive summary

Wiz Research has uncovered a critical Remote Code Execution (RCE) vulnerability, CVE-2025-49844, which we've dubbed #RediShell, in the widely used Redis in-memory data structure store. The vulnerability has been assigned a CVSS score of 10.0 - the highest possible severity.

The vulnerability exploits a Use-After-Free (UAF) memory corruption bug that has existed for approximately 13 years in the Redis source code. This flaw allows a post-auth attacker to send a specially crafted ma...
Read more at wiz.io