This page aggregates publicly disclosed CVE and security risk information related to dragonflydb, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-26269 | DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer. | [email protected] | 3.3 | 0.19% | 2025-04-17 | 2025-07-11 |
| CVE-2025-26268 | DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked. | [email protected] | 3.3 | 0.32% | 2025-04-17 | 2025-04-25 |