Valkey Products Multiple Vulnerabilities

Release Date: 7 May 2026

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Valkey Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

---

Impact

• Denial of Service
• Security Restriction Bypass
• Remote Code Execution
• Information Disclosure

---

System / Technologies affected

Versions prior to:

 

• Valkey 9.0.4
• Valkey 8.1.7
• Valkey 7.2.13

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 

• Valkey 9.0.4
• Valkey 8.1.7
• Valkey 7.2.13

---

Vulnerability Identifier

• CVE-2026-23479
• CVE-2026-23631
• CVE-2026-25243

---

Source

• Valkey

---

Related Link

• https://github.com/valkey-io/valkey/releases/tag/9.0.4
• https://github.com/valkey-io/valkey/releases/tag/8.1.7
• https://github.com/valkey-io/valkey/releases/tag/7.2.13