Redis 8.x — End of Life
Active High risk5 releases in this series12 CVEs
Redis 8.x — All releases
| Version | Released | Active support | EOL date | Latest patch | Status |
|---|---|---|---|---|---|
| 8.8 | May 25, 2026 | — | No | 8.8.0 | Active |
| 8.6 | Feb 11, 2026 | May 25, 2026 | No | 8.6.4 | Active |
| 8.4 | Nov 18, 2025 | Feb 11, 2026 | No | 8.4.4 | Active |
| 8.2 | Aug 4, 2025 | Nov 18, 2025 | May 25, 2026 | 8.2.7 | EOL |
| 8.0 | May 2, 2025 | Aug 4, 2025 | Feb 11, 2026 | 8.0.6 | EOL |
CVEs affecting Redis 8.x (12)
| CVE | Severity | CVSS | EPSS | KEV | Cycle | Description | Published |
|---|---|---|---|---|---|---|---|
| CVE-2026-25243 | HIGH | 8.8 | 0.11% | — | 8.6 | Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not proper… | May 5, 2026 |
| CVE-2026-25243 | HIGH | 8.8 | 0.11% | — | 8.4 | Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not proper… | May 5, 2026 |
| CVE-2026-25243 | HIGH | 8.8 | 0.11% | — | 8.2 | Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not proper… | May 5, 2026 |
| CVE-2026-25243 | HIGH | 8.8 | 0.11% | — | 8.0 | Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not proper… | May 5, 2026 |
| CVE-2026-23631 | HIGH | 8.1 | 0.09% | — | 8.0 | Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacke… | May 5, 2026 |
| CVE-2026-23631 | HIGH | 8.1 | 0.09% | — | 8.6 | Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacke… | May 5, 2026 |
| CVE-2026-23631 | HIGH | 8.1 | 0.09% | — | 8.2 | Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacke… | May 5, 2026 |
| CVE-2026-23631 | HIGH | 8.1 | 0.09% | — | 8.4 | Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacke… | May 5, 2026 |
| CVE-2026-23479 | HIGH | 8.8 | 0.12% | — | 8.0 | Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not han… | May 5, 2026 |
| CVE-2026-23479 | HIGH | 8.8 | 0.12% | — | 8.4 | Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not han… | May 5, 2026 |
| CVE-2026-23479 | HIGH | 8.8 | 0.12% | — | 8.2 | Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not han… | May 5, 2026 |
| CVE-2026-23479 | HIGH | 8.8 | 0.12% | — | 8.6 | Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not han… | May 5, 2026 |
Frequently asked questions
Is Redis 8 end of life?
Partially. Some Redis 8.x releases have reached EOL. Check the version table above for the exact status of each sub-release.
What CVEs affect Redis 8?
There are 12 CVEs tracked for Redis 8.x. See the full list above with CVSS and EPSS scores.
What is the latest Redis 8 version?
The latest Redis 8.x patch release is 8.8.0, released on May 25, 2026. Always run the latest patch to benefit from all security fixes.
When was Redis 8 first released?
Redis 8.0 was initially released on May 25, 2026. See the full version timeline in the table above.
Is it safe to run Redis 8 in production?
Redis 8 is still supported and safe for production use. Ensure you are running the latest patch version (8.8.0) to have all security fixes applied.
Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA