vulnerability context

CVE-2026-46752

CWE-122

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

Published 2026-06-25 · last modified 2026-06-25

details

CISA KEV status: Not in catalog
CWE: CWE-122
OTX pulses: 0 total, 0 recent

View on NVD → · cve.org

source mentions 2

[OffSequence] Apache Kvrocks 2.0.4 – 2.15.0 hit by CRITICAL CVE-2026-46752 (CVSS 10). Heap overflow in cjson can lead to RCE/DoS...Bluesky · 2h ago
CVE-2026-46752: Apache Kvrocks: Stack buffer overflow in Lua bit.tohex()oss-security · 9h ago

source consensus

Bluesky1×
oss-security1×

Want the 3-bullet summary of CVE-2026-46752, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →