CVE Catalog
CVE-2026-46752
CriticalCVSS 10.0Exploitation Probability (EPSS)
Low risk0.34%
25th percentile — higher than 25% of all known CVEs
Summary
Vulnerability in the cjson library in Apache Kvrocks causing Lua HEAP overflow. Affects versions from 2.0.4 to 2.15.0.
Risk Assessment
Exploitation of this vulnerability may lead to unauthorized access or system crashes. Organizations should be aware of the potential threats associated with this flaw.
Recommendation
It is recommended to upgrade to version 2.16.0, which fixes the issue. Keeping software up to date is crucial for security.
Original NVD description (English source)
Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

