Low severity3.3NVD Advisory· Published Apr 17, 2025· Updated Jun 17, 2026
CVE-2025-26268
CVE-2025-26268
Description
DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.27.0+ 1 more
- (no CPE)range: <1.27.0
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
3- github.com/dragonflydb/dragonfly/commit/d1fac0f912edb323a2bdd6404c518cda21eac243nvdPatch
- github.com/dragonflydb/dragonfly/compare/v1.26.4...v1.27.0nvdPatchRelease Notes
- github.com/dragonflydb/dragonfly/issues/4466nvdExploitIssue Tracking
News mentions
0No linked articles in our index yet.