Impact
RedisBloom, a Redis module that provides probabilistic data structures, contains an invalid memory access bug triggered by the RESTORE command. An authenticated attacker who can execute RESTORE can supply a crafted serialized payload that causes the module to dereference memory incorrectly, potentially allowing the attacker to execute arbitrary code on the host running Redis. The weakness is a classic unvalidated input vulnerability (CWE-122), leading to a high severity outcome. The impact is full control of the affected server, including data destruction, persistence, and lateral movement. Confidentiality, integrity, and availability of the system are all compromised once the exploit succeeds.
Affected Systems
All deployments of RedisBloom before version 2.8.20 are affected. The bug exists in the RedisBloom module when used with any Redis instance that has the module loaded; any user holding the ACL permissions needed to issue RESTORE commands puts such an instance at risk. The patch is distributed as part of RedisBloom 2.8.20, which validates serialized values correctly.
Risk and Exploitability
The CVSS score of 7.7 indicates a high risk of exploitation, although no EPSS score is available. The vulnerability is not listed in the CISA KEV catalog. The attack requires an authenticated user with RESTORE privileges, which typically corresponds to a local or network administrator. Once such a user can run RESTORE, the crafted payload can lead to remote code execution. The lack of publicly known exploits suggests the CDS may be low to moderate, but the high severity and the requirement of privileged access make it a priority for immediate attention in environments with untrusted users.
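The two operational questions raised by the Affected Systems and Risk sections are whether a given instance runs a RedisBloom build older than 2.8.20, and which users are able to issue RESTORE. The script below is an added example, not code from the advisory or from the RedisBloom project: it inspects a MODULE LIST reply (a constructed sample is embedded) and emits an ACL rule that withholds RESTORE from a user who does not need it. It assumes the reply is decoded as redis-py returns it (flat field/value arrays with "name" and "ver" fields), that RedisBloom registers under the name "bf", and that the module version integer is encoded as major*10000 + minor*100 + patch.

```python
"""Flag a RedisBloom build older than 2.8.20 from a MODULE LIST reply, and
build an ACL rule that denies RESTORE. Added example; all assumptions are
stated in the comments below."""

# First RedisBloom release containing the RESTORE fix, per the advisory.
FIXED_VERSION = (2, 8, 20)
# Assumption: RedisBloom registers with Redis under the module name "bf".
REDISBLOOM_MODULE_NAME = "bf"


def decode_module_version(ver: int) -> tuple[int, int, int]:
    """Assumption: module version is major*10000 + minor*100 + patch."""
    return ver // 10000, (ver // 100) % 100, ver % 100


def _as_str(value):
    """MODULE LIST fields may arrive as bytes when responses are not decoded."""
    return value.decode() if isinstance(value, bytes) else value


def redisbloom_status(module_list_reply) -> dict:
    """Return {"loaded": bool, "version": tuple | None, "affected": bool}."""
    for entry in module_list_reply:
        fields = dict(zip(map(_as_str, entry[0::2]), entry[1::2]))
        if _as_str(fields.get("name")) == REDISBLOOM_MODULE_NAME:
            version = decode_module_version(int(fields["ver"]))
            return {"loaded": True, "version": version,
                    "affected": version < FIXED_VERSION}
    return {"loaded": False, "version": None, "affected": False}


def restrictive_acl_rule(user: str, password: str) -> str:
    """ACL SETUSER rule that keeps full access except RESTORE.

    RESTORE-ASKING is the cluster-redirect variant of RESTORE, so it is
    denied alongside the plain command."""
    return f"ACL SETUSER {user} on >{password} ~* +@all -restore -restore-asking"


# Constructed sample reply: an old RedisBloom (2.6.9 -> 20609) next to RedisJSON.
SAMPLE_MODULE_LIST = [
    ["name", "bf", "ver", 20609, "path", "/opt/redis/redisbloom.so", "args", []],
    ["name", "ReJSON", "ver", 20600, "path", "/opt/redis/rejson.so", "args", []],
]

if __name__ == "__main__":
    status = redisbloom_status(SAMPLE_MODULE_LIST)
    print(status)
    if status["affected"]:
        print("Upgrade RedisBloom to 2.8.20 or later; until then, for example:")
        print(restrictive_acl_rule("appuser", "<placeholder-password>"))
```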
OpenCVE Enrichment