Redis Open Source Updates & Release Notes

Update urgency: HIGH: There are critical bugs that may affect a subset of users.

Bug fixes

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #15163 MULTI queue memory incorrect memory accounting
• #15115 Under-copy in the Lua debugger
• #15094 Cluster crash when CLIENT KILL unsubscribes SSUBSCRIBE client inside EXEC
• #14963 XREADGROUP: consumer replication inconsistency
• #14934 Client output buffer memory tracking not accounting for copy-avoided bulk string references
• #14970 Sentinel config injection via SENTINEL SET
• #14982 SCAN commands: integer overflow in COUNT parameter
• #15073 CLIENT TRACKING: self-overlap returning non-zero loop index
• #15059 Use-after-free
• #15037 XINFO STREAM: wrong value in the per-slot memory tracking
• #15034, #15081 Issues processing corrupt RDB data
• #15021 HEXPIRE: overflow on fields count
• #14942 Fix COMMAND GETKEYS for PFMERGE with no source keys
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Original source

Update urgency: HIGH

There are critical bugs that may affect a subset of users.

Bug fixes

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #15163 MULTI queue memory incorrect memory accounting
• #14581 Rare server hang at shutdown
• #14545 ACL: AOF loading fails if ACL rules are changed and don't allow some commands in MULTI-EXEC
• #14537 SCAN: restore original filter order (revert change introduced in 8.2)
• #14816 setModuleEnumConfig() passing prefixed name to module callbacks
• #14659 ACL: Key-pattern bypass in MSETEX
• #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete entries for DELREF/ACKED strategies
• #14552 Streams: Incorrect behavior when using XDELEX...ACKEDafterXGROUP DESTROY`
• #14848 Crash during command processing on replicas performing full synchronization
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Original source

Update urgency

HIGH: There are critical bugs that may affect a subset of users.

Bug fixes

• #15175, RediSearch/RediSearch#9262 Redis fails to start on AArch64
• #14537 SCAN: restore original filter order (revert change introduced in 8.2)
• #14816 setModuleEnumConfig() passing prefixed name to module callbacks
• #14623 Streams: XTRIM/XADD with approx mode (~) don’t delete entries for DELREF/ACKED strategies
• #14552 Streams: Incorrect behavior when using XDELEX...ACKEDafterXGROUP DESTROY`
• #14420 Shutdown blocked client not being properly reset after shutdown cancellation
• #14415 Potential crash in lookupKey() when executing_client is NULL
• #14417 CLUSTER FORGET - heap-buffer-overflow
• #15188 cluster-announce-ip rejecting hostnames (regression)
• #14667, #14886 Potential TCP stalls/deadlocks
• RediSearch/RediSearch#9484 Shard crash during background index scan of JSON documents with vector fields on Active-Active (CRDT) databases (MOD-15542)
• RediSearch/RediSearch#9635 Severe latency spikes and shard unresponsiveness when EXPIRE or EXPIREAT operations run concurrently with queries on large indexes (MOD-14930)

Original source

This is the General Availability release of Redis 8.8 in Redis Open Source.

Major changes compared to 8.6

• New data structure: Array (@antirez)
• Subkey notification for hash fields - field-level notifications
• INCREX: a window counter rate limiter combining INCR, INCRBY, INCRBYFLOAT, bounds, and expiration (@raffertyyu + Redis team)
• XNACK: a new streams command - allow consumers to explicitly release pending messages
• ZUNION, ZINTER, ZUNIONSTORE, ZINTERSTORE: new COUNT aggregator
• JSON.SET: new FPHA argument to specify the FP type for homogeneous FP arrays
• TS.RANGE, TS.REVRANGE, TS.MRANGE, TS.MREVRANGE: multiple aggregators in a single command
• FT.HYBRID KNN clause: new argument to request fewer candidates per shard
• FT.PROFILE HYBRID: profiling support for FT.HYBRID
• Performance improvements

Binary distributions

• Alpine and Debian Docker images - https://hub.docker.com/_/redis
• Install using snap - see https://github.com/redis/redis-snap
• Install using brew - see https://github.com/redis/homebrew-redis
• Install using RPM - see https://github.com/redis/redis-rpm
• Install using Debian APT - see https://github.com/redis/redis-debian

Operating systems we test Redis 8.8 on

• Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat), 26.04 (Resolute Raccoon)
• Rocky Linux 8.10, 9.7, 10.1
• AlmaLinux 8.10, 9.7, 10.1
• Debian 12.13 (Bookworm), Debian 13.4 (Trixie)
• Alpine 3.23
• macOS 14.8.4 (Sonoma), 15.7.4 (Sequoia), 26.3 (Tahoe) - for both Intel and ARM

Bug fixes (compared to 8.8-RC1)

• #15237 INCREX syntax update
• #15005 Memory tracking can be enabled at runtime in non-clustered mode
• RedisTimeSeries/RedisTimeSeries#1930 Cluster topology changes during a multi-shard command are not handled (MOD-14439)
• RedisBloom/RedisBloom#1007 Memory leak on RDB load (MOD-15418)

Original source

This is the first Release Candidate of Redis 8.8 in Redis Open Source.

Release Candidates are feature-complete pre-releases. Pre-releases are not suitable for production use.

Headlines:

Redis 8.8 introduces new features and performance improvements.

Operating systems we test Redis 8.8 on

Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat), 26.04 (Resolute Raccoon)

Rocky Linux 8.10, 9.7, 10.1

AlmaLinux 8.10, 9.7, 10.1

Debian 12.13 (Bookworm), Debian 13.4 (Trixie)

Alpine 3.23

macOS 14.8.4 (Sonoma), 15.7.4 (Sequoia), 26.3 (Tahoe) - for both Intel and ARM

Security fixes (compared to 8.8-M03)

(CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.

(CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution

(CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

(CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)

(CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

New Features (compared to 8.8-M03)

#15162 New data structure: Array (@antirez)

#15045 INCREX: a window counter rate limiter combining INCR,INCRBY,INCRBYFLOAT, bounds, and expiration (@raffertyyu + Redis team)

In group sorting new reducer, allowing unwind grouped documents (after GROUPBY) and sort them

Removed Features (compared to 8.8-M03)

#15191 Remove GCRA rate limiter

Bug fixes (compared to 8.8-M03)

SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)

CONFIG SET: some settings allow invalid characters (RED-167787)

SCRIPT DEBUG: potential crash on scripts (RED-175507)

VADD: crash or buffer overflow on large REDUCE value (RED-170921)

VSET: crash on huge allocations (MOD-12678)

#15188 cluster-announce-ip rejecting hostnames (regression)

#15095 Double free when loading streams with duplicate consumer PEL entries

#15124 Issues processing corrupt Streams RDB data

#15111 fast_float_strtod rounding mismatch

#15190 vecClear reset the logical size without releasing element ownership

#15163 MULTI queue memory incorrect memory accounting

#15094 Cluster crash when CLIENT KILL unsubscribes SSUBSCRIBE client inside EXEC

#15151 Listpack backlength encoding thresholds off-by-one

#15115 Under-copy in the Lua debugger

#14970 Sentinel config injection via SENTINEL SET

#14934 Client output buffer memory tracking not accounting for copy-avoided bulk string references

RediSearch/RediSearch#9182 FT.PROFILE HYBRID returns an empty reply (MOD-14778)

RediSearch/RediSearch#9079 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)

RediSearch/RediSearch#9047 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)

RediSearch/RediSearch#9078 FT.CREATE now rejects schema definitions with invalid option combinations at creation time (MOD-14655)

RediSearch/RediSearch#9012 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)

RediSearch/RediSearch#9066 Race condition in FT.HYBRID causes intermittent failures under concurrent hybrid query load (MOD-14732)

RediSearch/RediSearch#9163 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)

RediSearch/RediSearch#9031, RediSearch/RediSearch#9473 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load (MOD-14268)

RediSearch/RediSearch#9028 Memory leak when FT.DROPINDEX runs concurrently with in-flight hybrid queries (MOD-14135)

RediSearch/RediSearch#9310, RediSearch/RediSearch#9350 FT.CURSOR READ timeout and ON_TIMEOUT FAIL not enforced on coordinator and shard (MOD-14284, MOD-14998)

RediSearch/RediSearch#9425 Cursors not cleaned up after MAXIDLE, causing resource exhaustion (MOD-6430)

RediSearch/RediSearch#9234, RediSearch/RediSearch#9404 Coordinator RETURN_STRICT returns wrong data on partial results, including SORTBY pipeline (MOD-13617)

RediSearch/RediSearch#9382 MAXPREFIXEXPANSION warnings not propagated to clients in cluster mode (MOD-13804)

RediSearch/RediSearch#9218 Search commands fail when no worker thread is available instead of falling back to main thread (MOD-14921)

RediSearch/RediSearch#9448 RDB load missing validation of FT.CREATE arguments, allowing corrupt index state on load (MOD-13118)

RediSearch/RediSearch#9377 Use-after-move in Indexer_Process causes crash during indexing (MOD-14980)

RediSearch/RediSearch#9408 Deadlock between background query and main-thread writer (MOD-15364)

RediSearch/RediSearch#9114 FT.PROFILE prints output using wrong iterator type (MOD-14678)

RediSearch/RediSearch#9421 Confusing error returned when DEBUG_PARAMS_COUNT is zero (MOD-15118)

RediSearch/RediSearch#9045 Stack-smashing error in coordinator code path (MOD-14649)

RedisJSON/RedisJSON#1554 Trailing chars are ignored (MOD-7266); Fixes RedisJSON/RedisJSON#976

RedisJSON/RedisJSON#1543 Wrong mutation ordering for array commands with recursive paths (MOD-6722)

RedisJSON/RedisJSON#1542 JSONPath evaluation issues (MOD-14664); Fixes RedisJSON/RedisJSON#968 (MOD-7264), RedisJSON/RedisJSON#962 (MOD-7272), RedisJSON/RedisJSON#963 (MOD-7270), RedisJSON/RedisJSON#1089 (MOD-7268)

RedisTimeSeries/RedisTimeSeries#2003 Potential crash on disconnections and TLS failures (MOD-14850)

RedisTimeSeries/RedisTimeSeries#2013 count, countNaN, countAll reducers return NaN when all values are NaN (MOD-14420)

Performance and resource utilization improvements (compared to 8.8-M03)

#15049 Hyperloglog: 4 independent accumulators that are merged at the end

#15133 Batched prefetch for MGET and MSET

#14988 Batched prefetch for HGETALL on hashtable-encoded hashes

#15071 Pass size hint to jemalloc for faster deallocation

#15096 Reduces allocator and accounting overhead by adding compile-time jemalloc tuning

RediSearch/RediSearch#9197 Vector index hot path (HNSW and brute-force) devirtualized, reducing per-query latency (MOD-14916)

RediSearch/RediSearch#9262, RediSearch/RediSearch#9476 Inline LSE atomics enabled on AArch64, improving atomic operation throughput on ARM64 (MOD-14916, MOD-15419)

RediSearch/RediSearch#9293 Expiration handling overhead reduced when many keys expire simultaneously (MOD-14916)

RediSearch/RediSearch#9017 LTO (link-time optimization) enabled for x86_64 release builds (MOD-14700)

RediSearch/RediSearch#8765 Shard-level timeout adjusted to coordinator dispatch time for more accurate accounting (MOD-13189)

RediSearch/RediSearch#8790, RediSearch/RediSearch#8900, RediSearch/RediSearch#8827, RediSearch/RediSearch#8971, RediSearch/RediSearch#8966, RediSearch/RediSearch#8762, RediSearch/RediSearch#8678, RediSearch/RediSearch#8915, RediSearch/RediSearch#8653, RediSearch/RediSearch#9085, RediSearch/RediSearch#8751, RediSearch/RediSearch#8692, RediSearch/RediSearch#9224 Iterators ported to Rust, reducing FFI overhead

RediSearch/RediSearch#9500 numRecords no longer updated for vector fields, removing unnecessary write overhead on ingest (MOD-15487)

VecSim SVS thread pool integrated with the worker pool for better thread utilization (MOD-9881)

Configuration parameters

#15182 Slowlog entry truncation limits:

slowlog-entry-max-argc: maximum number of command arguments kept in a slowlog entry

slowlog-entry-max-string-len: maximum length of a command argument in a slowlog entry

RediSearch/RediSearch#8876, RediSearch/RediSearch#8960 Default maximum worker threads value updated; MAX_WORKER_THREADS is now a string config (MOD-14486, MOD-14763)

Metrics (compared to 8.8-M03)

RediSearch/RediSearch#8210, RediSearch/RediSearch#8231 FT.PROFILE: added queue time tracking (MOD-13602)

CLI tools

#15150 Memory leak on malformed legacy help entry in redis-cli

Original source

Update urgency

SECURITY: There are security fixes in the release.

Security fixes

(CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution

(CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution

(CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

(CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)

(CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

Bug fixes

SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)

CONFIG SET: some settings allow invalid characters (RED-167787)

SCRIPT DEBUG: potential crash on scripts (RED-175507)

VADD: crash or buffer overflow on large REDUCE value (RED-170921)

VSET: crash on huge allocations (MOD-12678)

Potential crash on disconnections and TLS failures (Time Series) (MOD-14850)

RediSearch/RediSearch#8745 Crash when many keys receive expirations under heavy TTL activity (MOD-14500)

RediSearch/RediSearch#8848 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761)

RediSearch/RediSearch#8205, RediSearch/RediSearch#8259 FT.HYBRID VSIM RANGE + FILTER incorrectly returns zero results (MOD-12370, MOD-13884)

RediSearch/RediSearch#9182 FT.PROFILE HYBRID returns an empty reply (MOD-14778)

RediSearch/RediSearch#8129, RediSearch/RediSearch#8140 FT.PROFILE reports an incorrect shard total profile time (MOD-13735, MOD-13181)

RediSearch/RediSearch#9047 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)

RediSearch/RediSearch#8791 FT.EXPLAIN does not lock, causing a race with concurrent index changes (MOD-14461)

RediSearch/RediSearch#8382 Crash when indexing negative zero (-0.0) (MOD-13904)

RediSearch/RediSearch#8590 FILTER returns inconsistent results with multiple indexes sharing field aliases (MOD-14063)

RediSearch/RediSearch#8660 FILTER behavior depends on property order in the expression (MOD-14065)

RediSearch/RediSearch#8593 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064)

RediSearch/RediSearch#8591 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948)

RediSearch/RediSearch#8589 RENAME notification handler loads the wrong key, causing stale index entries after a rename (MOD-14328)

RediSearch/RediSearch#9012 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)

RediSearch/RediSearch#9079 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)

RediSearch/RediSearch#8462 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066)

RediSearch/RediSearch#9066 Race condition in FT.HYBRID causes intermittent failures under concurrent hybrid query load (MOD-14732)

RediSearch/RediSearch#8109, RediSearch/RediSearch#8149 Configuration registration omits module parameters, causing them to be unexposed or misapplied (RED-171841)

RediSearch/RediSearch#9163 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)

RediSearch/RediSearch#8395 FT.SEARCH fails with "Query requires unavailable slots" after shard restart or failover (MOD-13828)

RediSearch/RediSearch#8451 FT.INFO-style output no longer reports zero-index summary data when no indices exist (MOD-14079)

RediSearch/RediSearch#9078 FT.CREATE now rejects schema definitions with invalid option combinations at creation time (MOD-14655)

RediSearch/RediSearch#8051, RediSearch/RediSearch#8114 Crash diagnostics now include the IndexSpec of the index the failing thread was working on (MOD-7574)

Metrics

RediSearch/RediSearch#8210, RediSearch/RediSearch#8231 FT.PROFILE: added queue time tracking (MOD-13602)

Original source

Update urgency

SECURITY: There are security fixes in the release.

Security fixes

(CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.

(CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution

(CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

(CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)

(CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

Bug fixes

SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)

CONFIG SET: some settings allow invalid characters (RED-167787)

SCRIPT DEBUG: potential crash on scripts (RED-175507)

VADD: crash or buffer overflow on large REDUCE value (RED-170921)

VSET: crash on huge allocations (MOD-12678)

Potential crash on disconnections and TLS failures (Time Series) (MOD-14850)

RediSearch/RediSearch#8744 Crash when many keys receive expirations under heavy TTL activity (MOD-14500)

RediSearch/RediSearch#8849 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761)

RediSearch/RediSearch#8258 FT.HYBRID VSIM RANGE + FILTER incorrectly returns zero results (MOD-13885)

RediSearch/RediSearch#9183 FT.PROFILE HYBRID returns an empty reply (MOD-14778)

RediSearch/RediSearch#9048 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)

RediSearch/RediSearch#8792 FT.EXPLAIN does not lock, causing a race with concurrent index changes (MOD-14461)

RediSearch/RediSearch#8384 Crash when indexing negative zero (-0.0) (MOD-13904)

RediSearch/RediSearch#8596 FILTER returns inconsistent results with multiple indexes sharing field aliases (MOD-14063)

RediSearch/RediSearch#8661 FILTER behavior depends on property order in the expression (MOD-14065)

RediSearch/RediSearch#8598 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064)

RediSearch/RediSearch#8597 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948)

RediSearch/RediSearch#8595 RENAME notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062)

RediSearch/RediSearch#9011 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)

RediSearch/RediSearch#9080 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)

RediSearch/RediSearch#8461 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066)

RediSearch/RediSearch#9091 Race condition in FT.HYBRID causes intermittent failures under concurrent hybrid query load (MOD-14732)

RediSearch/RediSearch#9161 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load (MOD-14268)

RediSearch/RediSearch#9165 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)

RediSearch/RediSearch#8394 FT.SEARCH fails with "Query requires unavailable slots" after shard restart or failover (MOD-13828)

RediSearch/RediSearch#8452 FT.INFO-style output no longer reports zero-index summary data when no indices exist (MOD-14080)

RediSearch/RediSearch#9077 FT.CREATE now rejects schema definitions with invalid option combinations at creation time (MOD-14655)

Metrics

RediSearch/RediSearch#8210, RediSearch/RediSearch#8231 FT.PROFILE: added queue time tracking (MOD-13602)

Original source

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

(CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.

(CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution

(CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

(CVE-2026-25588) Invalid memory access in RESTORE may lead to Remote Code Execution (Time Series)

(CVE-2026-25589) Invalid memory access in RESTORE may lead to Remote Code Execution (Probabilistic)

Bug fixes

SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)

CONFIG SET: some settings allow invalid characters (RED-167787)

SCRIPT DEBUG: potential crash on scripts (RED-175507)

VADD: crash or buffer overflow on large REDUCE value (RED-170921)

VSET: crash on huge allocations (MOD-12678)

Potential crash on disconnections and TLS failures (Time Series) (MOD-14850)

RediSearch/RediSearch#8743 Crash when many keys receive expirations under heavy TTL activity (MOD-14500)

RediSearch/RediSearch#8850 HNSW vector index memory growth under high-churn workloads until shard restart (MOD-13761)

RediSearch/RediSearch#9178 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load (MOD-14268)

RediSearch/RediSearch#9049 FT.PROFILE output is inconsistent when a profiled value is missing (MOD-10560)

RediSearch/RediSearch#8793 FT.EXPLAIN does not lock, causing a race with concurrent index changes (MOD-14461)

RediSearch/RediSearch#8600 FILTER returns inconsistent results with multiple indexes sharing field aliases (MOD-14063)

RediSearch/RediSearch#8662 FILTER behavior depends on property order in the expression (MOD-14342)

RediSearch/RediSearch#8602 Filter expressions are evaluated for indexes that do not match the document type (MOD-14064)

RediSearch/RediSearch#8601 Documents are inconsistently included or excluded depending on the indexing path taken (MOD-13948)

RediSearch/RediSearch#8599 RENAME notification handler loads the wrong key, causing stale index entries after a rename (MOD-14062)

RediSearch/RediSearch#9019 PERSIST and HPERSIST notifications are not reflected in index expiration tracking (MOD-14800)

RediSearch/RediSearch#9081 FT.SPELLCHECK treats PARAMS placeholders as literal terms instead of resolving them (MOD-10596)

RediSearch/RediSearch#8464 GC out-of-memory on replica shards leaves the replica in an inconsistent state (MOD-14066)

RediSearch/RediSearch#8888 FT.CURSOR enters an infinite loop when the ACL user lacks specific permissions (MOD-14479)

RediSearch/RediSearch#9166 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable) (MOD-14475)

RediSearch/RediSearch#8453 FT.INFO-style output no longer reports zero-index summary data when no indices exist (MOD-14081)

RediSearch/RediSearch#9076 FT.CREATE now rejects schema definitions with invalid option combinations at creation time (MOD-14655)

Metrics

RediSearch/RediSearch#8235 FT.PROFILE: added queue time tracking (MOD-13602)

Original source

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.
• (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution
• (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

Bug fixes

• SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)
• CONFIG SET: some settings allow invalid characters (RED-167787)
• SCRIPT DEBUG: potential crash on scripts (RED-175507)

Original source

Update urgency: SECURITY: There are security fixes in the release.

Security fixes

• (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution.
• (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code Execution
• (CVE-2026-23631) Lua Use-After-Free may lead to remote code execution

Bug fixes

• SUBSCRIBE, PSUBSCRIBE, SSUBSCRIBE: crash on OOM (RED-167788)
• CONFIG SET: some settings allow invalid characters (RED-167787)
• SCRIPT DEBUG: potential crash on scripts (RED-175507)

Original source

This is the third Milestone of Redis 8.8 in Redis Open Source.

Milestones are non-feature-complete pre-releases. Pre-releases are not suitable for production use.

Headlines

Redis 8.8 introduces new features and performance improvements.

Operating systems we test Redis 8.8 on

Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat), 26.04 (Resolute Raccoon)

Rocky Linux 8.10, 9.7, 10.1

AlmaLinux 8.10, 9.7, 10.1

Debian 12.13 (Bookworm), Debian 13.4 (Trixie)

Alpine 3.23

macOS 14.8.4 (Sonoma), 15.7.4 (Sequoia), 26.3 (Tahoe) - for both Intel and ARM

New Features (compared to 8.8-M02)

• #14958 Subkey notification for hash fields - field-level notifications
• RediSearch/RediSearch#8227 FT.HYBRID KNN clause: new argument to request fewer candidates per shard
• RediSearch/RediSearch#8060 FT.PROFILE HYBRID: profiling support for FT.HYBRID

Bug fixes (compared to 8.8-M02)

• #15034, #15081 Issues processing corrupt RDB data
• #15059 Use-after-free
• #15073 CLIENT TRACKING: self-overlap returning non-zero loop index
• #14982 SCAN commands: integer overflow in COUNT parameter
• #14956 Crash on HSETEX when a field appears more than once and an expiry is specified
• #15015 Change log level for unknown extension types from LL_WARNING to LL_VERBOSE
• #14995 Unnecessary -ERR and \r\n
• RediSearch/RediSearch#8708 Crash when many keys receive expirations under heavy TTL activity
• RediSearch/RediSearch#8774 Coordinator deadlock under mixed FT.SEARCH and FT.AGGREGATE load
• RediSearch/RediSearch#8415 Crash on FT.SEARCH when topology validation fails (for example, some nodes unreachable)
• RediSearch/RediSearch#8322 Crash when indexing negative zero (-0.0)
• RediSearch/RediSearch#8843 HNSW vector index memory growth under high-churn workloads until shard restart
• RediSearch/RediSearch#8396 FILTER returns inconsistent results with multiple indexes sharing field aliases
• RediSearch/RediSearch#8205 FT.HYBRID VSIM RANGE + FILTER incorrectly returns zero results
• RediSearch/RediSearch#8817 Instability and crashes in long-running search cursors during concurrent index updates
• RediSearch/RediSearch#8388 FT.SEARCH fails with “Query requires unavailable slots” after shard restart or failover
• RediSearch/RediSearch#8548 FILTER behavior depends on property order in the expression
• RediSearch/RediSearch#8320 Index FILTER applied inconsistently when documents are missing filtered fields
• RediSearch/RediSearch#8752 Missing blocked-client FAIL timeout mechanism for coordinator-level FT.AGGREGATE
• RediSearch/RediSearch#8657 Missing shard-level FAIL timeout handling for FT.HYBRID queries
• RediSearch/RediSearch#8420 Missing coordinator-level FAIL timeout handling for FT.HYBRID queries
• RediSearch/RediSearch#8335 Legacy shard-level FAIL handling for FT.SEARCH / FT.AGGREGATE
• RediSearch/RediSearch#8191 FT.SEARCH coordinator lacks strict FAIL timeout enforcement

Performance and resource utilization improvements (compared to 8.8-M02)

• #15114 Optimize SET key value GET
• #15065, #15118 Scan commands key collection: replace list with append-only pointer vector
• #15061 Widen fast_float_strtod fast path to 17-19 digit mantissas
• RediSearch/RediSearch#8378 Optimize filter expression evaluation: skip indexes not matching the document type (MOD-14064)

Metrics (compared to 8.8-M02)

• RediSearch/RediSearch#8246 ‘frontend_buffer_size’, ‘HNSW_main_thread_insertion’: metrics for tiered vector indexes (MOD-13819)
• RediSearch/RediSearch#8210 FT.PROFILE: added queue time tracking (MOD-13602)
• RediSearch/RediSearch#8283 INFO: Skip metrics when there are no indices (MOD-13903)
• RediSearch/RediSearch#7417 Add unique error message ids for improved debugging and troubleshooting (MOD-11806)

Configuration parameters

• RediSearch/RediSearch#8876 search-workers: change default to 16 (MOD-14486)
• RediSearch/RediSearch#8352 BG_INDEX_SLEEP_DURATION_US: sleep duration during background indexing (MOD-13994)

Original source

This is the second Milestone of Redis 8.8 in Redis Open Source.

Milestones are non-feature-complete pre-releases. Pre-releases are not suitable for production use.

Headlines

Redis 8.8 introduces new features and performance improvements.

8.8-M02 is available as a Docker image and can be downloaded from Docker Hub. Additional distributions will be introduced in upcoming pre-releases.

Operating systems we test Redis 8.8 on

Ubuntu 22.04 (Jammy Jellyfish), 24.04 (Noble Numbat), 26.04 (Resolute Raccoon)

Rocky Linux 8.10, 9.7, 10.1

AlmaLinux 8.10, 9.7, 10.1

Debian 12.13 (Bookworm), Debian 13.4 (Trixie)

Alpine 3.23

macOS 14.8.4 (Sonoma), 15.7.4 (Sequoia), 26.3 (Tahoe) - for both Intel and ARM

New Features (compared to 8.6)

• #14826, #14905 GCRA (generic cell rate algorithm) rate limiter (based on the redis-cell module by @brandur - thank you!)
• #14797 XNACK: a new streams command that allows consumers to explicitly release pending messages
• RedisJSON/RedisJSON#1509 JSON.SET: new FPHA argument to specify the FP type for FP homogeneous arrays (MOD-13577)
• #14892 ZUNION, ZINTER, ZUNIONSTORE, ZINTERSTORE: new COUNT aggregator
• RedisTimeSeries/RedisTimeSeries#1916 TS.RANGE, TS.REVRANGE, TS.MRANGE, TS.MREVRANGE: multiple aggregators in a single command (MOD-9162)

Bug fixes (compared to 8.6.2)

• #15037 XINFO STREAM: wrong value in the per-slot memory tracking
• #12000 Incorrect shrinking of querybuf when client is reading a big argv
• #15021 HEXPIRE: overflow on fields count
• #14963 XREADGROUP: consumer replication inconsistency
• #15011 Double-free in rdbLoadObject
• #14667, #14886 Potential TCP stalls/deadlocks
• #14942 Fix COMMAND GETKEYS for PFMERGE with no source keys
• #14888 Hardens safety check in lpSafeToAdd
• #14748 Ensure sensitive user data is not exposed in logs when hide_user_data_from_log is enabled
• #14877 INFO KEYSIZES and INFO ALLOCSIZES fixes
• #14878 listpack memory leak in zipmap-to-hash conversion on error path
• #14955 Streams: IDMP-related bug
• #14974, #14932, #14866 Memory leaks
• #14790 Missing initialization
• #14789 DB hash tables not expanding during RDB load on standalone-mode
• #14785 Add HOTKEYS HELP subcommand (Each command having subcommands needs a HELP subcommand)
• #14784 RESTORE and SET: expiredkeys counter updates incorrectly on keys with past expiration time
• #14779 Accurate memory accounting for RedisModuleDict (instead of estimation)
• #14774 Missing cleanup code in getKeysFreeResult() on cross-slot error path
• #14771 Potential unsigned integer underflow in used_memory_dataset calculation
• #14780 Fixed name of HOTKEYS results field sampled-command-selected-slots-us to sampled-commands-selected-slots-us
• #14756 HOTKEYS does not track each command in a MULTI/EXEC block
• #14749 Fixed HOTKEYS GET RESP3 reply fixed to map instead of flat array
• RedisJSON/RedisJSON#1520 Numeric operations on homogeneous arrays: promote to next type if results overflow (MOD-14427)
• RedisJSON/RedisJSON#1519 JSON.NUMINCRBY, JSON.NUMMULTBY don’t error on numeric overflow (MOD-14191)
• RedisJSON/RedisJSON#1487 Depth limit (128) was not fully enforced (MOD-4107)
• RedisTimeSeries/RedisTimeSeries#1910 TS.INCRBY, TS.DECRBY create key before validating args (MOD-8167)
• RedisTimeSeries/RedisTimeSeries#1908 Potential crash on TS.RANGE with aggregation and EMPTY
• RedisTimeSeries/RedisTimeSeries#1896 Potential memory leak (MOD-13438)
• RedisTimeSeries/RedisTimeSeries#1913 ACL rules are not fully enforced for multi-key commands on a cluster setup (MOD-14124)

Performance and resource utilization improvements (compared to 8.6.2)

• #15003 Reduce overhead in command propagation
• #14979 Dismiss dict bucket arrays in fork child to reduce CoW
• #14661 Replace fast_float C++ library with pure C implementation
• #14928 Disable memory tracking in child processes
• #14885 Optimize rax (radix tree) insert and lookup for sequential key patterns
• #14335 Handle primary/replica clients in I/O threads
• #14754 Optimize prefetching commands
• #14770 Optimize BITOP operations with AVX512
• #14862 Streams: Filter expired IDMP entries during RDB save and load
• #14750 SFLUSH can now flush slots partially
• #14887 SFLUSH skips slot trimming when the requested slot ranges exactly match the node’s local slot coverage
• #14851 Skip RDB checksum computation/validation during diskless full synchronization to reduce CPU overhead
• #14783 Pause dict auto-resize during multi-field deletion
• RedisTimeSeries/RedisTimeSeries#1884 TS.RANGE, TS.REVRANGE, TS.MRANGE, TS.MREVRANGE: improve performance on a cluster setup (RED-184104)
• RedisTimeSeries/RedisTimeSeries#1866 Register to type_changed KSN instead of set (MOD-12919)

Modules API

• #14445 Allow modules to associate metadata with keys
• RedisModule_CreateKeyMetaClass - define a new key-metadata class
• RedisModule_ReleaseKeyMetaClass - release a key-metadata class
• RedisModule_SetModuleMetadata - attach or update metadata to a key
• RedisModule_GetKeyMeta - get key metadata

Metrics

• #14896 INFO STATS - global stats for slowlog metrics:
  • slowlog_commands_count - commands written to slowlog
  • slowlog_commands_time_ms_sum - sum of execution times of commands from the slowlog
  • slowlog_commands_time_ms_max - maximum execution time of a command from the slowlog
• #14896 INFO COMMANDSTATS - per-command stats for slowlog metrics:
  • slowlog_count - number of times the command was written in the slowlog
  • slowlog_time_ms_sum - sum of execution time of the command (only from the slowlog)
  • slowlog_time_ms_max - maximum execution time of the command (only from the slowlog)
• #14841 INFO STATS (global, all clients aggregated):
  • total_client_processing_events: attempts to process client input buffers; does not guarantee any command was actually parsed
  • eventloop_cycles_with_clients_processing: event loop cycles where client input buffers were processed
  • commands_per_parse_batch_sum: cumulative number of commands parsed across all parsing batches for all clients
  • commands_per_parse_batch_cnt: number of parsing batches across all clients. A batch is counted each time at least one command is parsed from a client's query buffer
  • commands_per_parse_batch_avg: average commands parsed per batch (sum/cnt). Approximates pipelining depth
• #14841 CLIENT INFO and CLIENT LIST (per-client):
  • read-events: number of read events for this client
  • parse-batch-cmd-sum: cumulative number of commands parsed across all parsing batches for this client
  • parse-batch-cnt: total number of parsing batches for this client. Divide parse-batch-cmd-sum by this value to get the client’s average commands per batch

CLI tools

• #14371 Divide-by-zero in redis-benchmark and redis-cli
• #14863 Memory leak in redis-cli
• #14703 redis-cli --keystats: fix percentile calculation

Original source

Bug fixes

• #14824 Potential UAF: don't use reply copy avoidance for module strings
• #14848 Crash during command processing on replicas performing full synchronization
• #14794 New XIDMPRECORD internal command and AOFRW emission to restore stream IDMP state
• #14816 setModuleEnumConfig() passing prefixed name to module callbacks
• #14858 Streams: Ensures XADD with IDMP/IDMPAUTO that hits an existing IID records the metadata change
• #14855, #14831, #14817 Potential memory leaks
• #14869 Streams: IDMP cron expiration not working after RDB load
• #14847 Potential crash during ACL checks on wrong-arity commands
• #14883 HSETEX, HGETEX do not validate that FIELDS is specified only once
• #14897 Streams: IDMP-related bugs

Original source