Company
Date Published
Author
Redis
Word count
190
Language
English
Hacker News points
None

Summary

Redis has been affected by two security vulnerabilities, CVE-2022-24834 and CVE-2023-36824, which can trigger heap overflows and potentially lead to remote code execution. The vulnerabilities were exploited through specially crafted Lua scripts that could corrupt memory and execute malicious code. Redis has taken steps to prevent harm by providing fixes in supported releases; some customers are exempt from immediate action because of their cloud-based environment. Customers using older versions of the software are encouraged to upgrade to patched versions as soon as possible.