
Apache Kvrocks CVE-2026-54226

EUVD: EUVD-2026-39331 · MEDIUM
Integer Overflow or Wraparound (CWE-190)
6.4 (CVSS 4.0, Vendor)

Severity by source

Vendor (CNA), primary: 6.4 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:I/V:D/RE:L/U:Amber

vuln.today AI: 6.5 MEDIUM

Network-reachable command requires at minimum the ability to issue commands (PR:L assumed for Redis-compatible auth); DoS-only impact, no confidentiality or integrity effect.

CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (CNA).

CVSS Vector (Vendor)

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:I/V:D/RE:L/U:Amber
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: P (Passive)
Scope: N

Lifecycle Timeline

CVSS changed: Jun 25, 2026 09:23 (NVD), 6.4 (MEDIUM)
Analysis generated: Jun 25, 2026 04:47 (vuln.today)

Description (pre-NVD)

Disclosed via oss-security. NVD scoring and full description are pending.

Analysis (AI)

Remote denial-of-service in Apache Kvrocks via an integer overflow in the RESTORE command's IntSet deserialization path. An attacker who can send commands to a Kvrocks instance can supply a crafted RDB-serialized IntSet payload to the RESTORE command, triggering an integer overflow that crashes the server process. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Reach Kvrocks network port
Delivery: Authenticate or exploit unauthenticated access
Exploit: Send crafted RESTORE with malformed IntSet payload
Execution: Trigger integer overflow in deserialization
Persist: Crash Kvrocks process
Impact: Service unavailable

Vulnerability Assessment (AI)

Exploitation: The attacker must be able to send commands to the Kvrocks instance over the network, either because authentication is disabled (no requirepass configured, a non-default but common development/internal deployment pattern) or because they hold valid Kvrocks credentials. …
Risk Assessment: No NVD CVSS vector, EPSS score, or KEV listing is available, as this is a pre-NVD disclosure. …
Exploit Scenario: An attacker with network access to a Kvrocks instance, either through a misconfigured public-facing deployment or via compromised internal network access, sends a single RESTORE command whose RDB-serialized IntSet payload carries a manipulated length field that triggers an integer overflow during deserialization. The overflow leads to an incorrect memory operation (under-allocation or a bounds miscalculation) in the Kvrocks process, crashing it and immediately denying service to every client connected to the instance. …
Remediation: Upgrade to the fixed version of Apache Kvrocks released by the Apache Software Foundation. The exact patched version number is not given in the current pre-NVD disclosure; obtain it from the official oss-security post at https://www.openwall.com/lists/oss-security/2026/06/25 and the Apache Kvrocks project release page. …
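The failure mode described in the exploit scenario (a length field whose product with the element width wraps, so a size check passes and the deserializer then walks past the buffer) is a general CWE-190 pattern in length-prefixed decoders. The following C++ is an added illustration written for this page; it is not Kvrocks' or Redis' code and does not reproduce the routine from this advisory. It uses a constructed toy integer-set layout (4-byte element width, 4-byte count, then the elements) and the names `IntSetHeader`, `uncheckedPayloadSize`, `checkedPayloadSize` and `parseIntSet` are assumed for the example. It shows the wrapping computation beside the division-bounded check that a hardened deserializer performs before touching payload bytes; the same check applies to any width-times-count size computation, not only this format.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <optional>
#include <vector>

// Constructed toy format for this example (not the real Redis/Kvrocks RDB
// IntSet layout): a 4-byte element width ("encoding", must be 2, 4 or 8),
// a 4-byte element count ("length"), then length * encoding bytes of
// little-endian signed integers.
struct IntSetHeader {
    uint32_t encoding;
    uint32_t length;
};

static uint32_t readLE32(const uint8_t* p) {
    return static_cast<uint32_t>(p[0]) | (static_cast<uint32_t>(p[1]) << 8) |
           (static_cast<uint32_t>(p[2]) << 16) | (static_cast<uint32_t>(p[3]) << 24);
}

static std::optional<IntSetHeader> readHeader(const std::vector<uint8_t>& blob) {
    if (blob.size() < 8) return std::nullopt;
    return IntSetHeader{readLE32(blob.data()), readLE32(blob.data() + 4)};
}

// Weak size computation (CWE-190): encoding * length is evaluated in 32-bit
// arithmetic and wraps, so an attacker-chosen count can make a huge payload
// look like a few bytes, and a later "need <= available" test passes.
uint32_t uncheckedPayloadSize(const IntSetHeader& h) {
    return h.encoding * h.length;
}

// Hardened size computation: reject unknown widths, then bound the count by
// division so the multiplication cannot overflow, and compare with the bytes
// actually present. Returns the exact byte count on success.
std::optional<size_t> checkedPayloadSize(const IntSetHeader& h, size_t available) {
    if (h.encoding != 2 && h.encoding != 4 && h.encoding != 8) return std::nullopt;
    if (h.length > available / h.encoding) return std::nullopt;  // would overflow or exceed buffer
    return static_cast<size_t>(h.length) * h.encoding;           // safe: <= available
}

// Decode one little-endian signed element of `width` bytes with sign extension.
static int64_t readElement(const uint8_t* p, uint32_t width) {
    uint64_t v = 0;
    for (uint32_t i = 0; i < width; ++i) v |= static_cast<uint64_t>(p[i]) << (8 * i);
    unsigned shift = 64 - 8 * width;
    return static_cast<int64_t>(v << shift) >> shift;
}

// Parse a blob using the hardened check; any inconsistency yields nullopt
// before a single payload byte is touched.
std::optional<std::vector<int64_t>> parseIntSet(const std::vector<uint8_t>& blob) {
    auto hdr = readHeader(blob);
    if (!hdr) return std::nullopt;
    auto need = checkedPayloadSize(*hdr, blob.size() - 8);
    if (!need) return std::nullopt;
    std::vector<int64_t> out;
    out.reserve(hdr->length);
    const uint8_t* p = blob.data() + 8;
    for (uint32_t i = 0; i < hdr->length; ++i)
        out.push_back(readElement(p + static_cast<size_t>(i) * hdr->encoding, hdr->encoding));
    return out;
}

// Build a blob (header + payload) for sample inputs; constructed test data.
std::vector<uint8_t> makeBlob(uint32_t encoding, uint32_t length, const std::vector<uint8_t>& payload) {
    std::vector<uint8_t> blob;
    for (uint32_t v : {encoding, length})
        for (int i = 0; i < 4; ++i) blob.push_back(static_cast<uint8_t>(v >> (8 * i)));
    blob.insert(blob.end(), payload.begin(), payload.end());
    return blob;
}

int main() {
    // Constructed benign blob: two 4-byte elements, 1 and -1.
    auto ok = parseIntSet(makeBlob(4, 2, {1, 0, 0, 0, 0xff, 0xff, 0xff, 0xff}));
    std::printf("benign: parsed=%d count=%zu\n", ok.has_value(), ok ? ok->size() : 0);

    // Constructed hostile header: width 8, count 0x20000001. 8 * 0x20000001 is
    // 0x100000008, which wraps to 8 in uint32_t, so the weak check would accept
    // an 8-byte payload and then iterate 536,870,913 elements past the buffer.
    IntSetHeader hostile{8, 0x20000001u};
    std::printf("weak size=%u  hardened accepts=%d\n", uncheckedPayloadSize(hostile),
                checkedPayloadSize(hostile, 8).has_value());
    return 0;
}
```

The division-based bound (`length > available / encoding`) is preferred over computing the product in a wider type and comparing afterwards because it needs no assumption about the width of `size_t`, and it rejects both the wrapped case and the merely-too-long case with one comparison. For detection purposes, a decoder that fails this check on a RESTORE payload is the event to log, with the client address and the header fields, rather than letting the process terminate.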

Recommended Action (AI)

Within 24 hours: Identify all systems running Apache Kvrocks and assess network exposure of each instance; implement firewall rules to restrict command access to trusted networks only. …


CVE-2026-54226 vulnerability details – vuln.today
