CVE-2026-46752
criticalCVSS v3 Base Score
10.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Vulnerability Report
Generated by CyberWatcher
Description
Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0.
Users are recommended to upgrade to version 2.16.0, which fixes the issue.
CWE
CWE-122Affected Products
Apache Software Foundation Apache Kvrocks