{"id":110677,"date":"2026-05-19T12:00:00","date_gmt":"2026-05-19T12:00:00","guid":{"rendered":"https:\/\/www.red-gate.com\/simple-talk\/?p=110677"},"modified":"2026-05-18T15:23:43","modified_gmt":"2026-05-18T15:23:43","slug":"4-cves-are-affecting-valkey-databases-heres-everything-you-need-to-know-and-what-you-should-do-right-now-to-protect-yours","status":"publish","type":"post","link":"https:\/\/www.red-gate.com\/simple-talk\/databases\/4-cves-are-affecting-valkey-databases-heres-everything-you-need-to-know-and-what-you-should-do-right-now-to-protect-yours\/","title":{"rendered":"4 CVEs are affecting Valkey databases. Here&#8217;s everything you need to know (and what you should do, right now, to protect yours)"},"content":{"rendered":"\n<p>There&#8217;s now another reason an immediate patch is needed for organizations running <a href=\"https:\/\/valkey.io\/topics\/cluster-tutorial\/\" target=\"_blank\" rel=\"noreferrer noopener\">Valkey clusters<\/a>, according to <a href=\"https:\/\/www.percona.com\/blog\/security-advisory-a-series-of-cves-affecting-valkey\/\" target=\"_blank\" rel=\"noreferrer noopener\">Percona<\/a> (and other database experts.)<\/p>\n\n\n\n<p><strong>In this article, I&#8217;ll detail four CVEs affecting your Valkey database. I&#8217;ll tell you what they are, why they&#8217;re dangerous, and detail, step-by-step, exactly what you should do for your users to avoid <a href=\"https:\/\/www.imperva.com\/learn\/application-security\/website-defacement-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">seeing a deface page<\/a> the next time they visit your website. <\/strong><\/p>\n\n\n\n<p>But first, some background.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-valkey-and-what-s-it-used-for\">What is Valkey, and what&#8217;s it used for?<\/h2>\n\n\n\n<p>It\u2019s safe to assume that most of you reading this article will know your way around <a href=\"https:\/\/db-engines.com\/en\/systems\" target=\"_blank\" rel=\"noreferrer noopener\">database management systems<\/a>. And, if so, you&#8217;ll also know that not all DBMS&#8217; are built equal. A system considered &#8216;mainstream&#8217; by one group of developers may not be seen that way by others &#8211; and that&#8217;s exactly the case with Valkey.<\/p>\n\n\n\n<p>In a way, Valkey is like <a href=\"https:\/\/www.red-gate.com\/simple-talk\/databases\/mysql\/getting-started-mysql\/\" target=\"_blank\" rel=\"noreferrer noopener\">MySQL<\/a> or <a href=\"https:\/\/www.red-gate.com\/simple-talk\/databases\/sql-server\/\" target=\"_blank\" rel=\"noreferrer noopener\">SQL Server<\/a> \u2013 and in other ways, it\u2019s different. <a href=\"https:\/\/valkey.io\/\" target=\"_blank\" rel=\"noreferrer noopener\">According to Valkey themselves<\/a>, it&#8217;s an open-source, high-performance key-value datastore, able to support a wide variety of workloads. These workloads include (but are not limited to), caching, <a href=\"https:\/\/www.red-gate.com\/simple-talk\/sysadmin\/general\/a-deep-dive-into-transport-queues-part-1\/\" target=\"_blank\" rel=\"noreferrer noopener\">message queues<\/a>, session storage, real-time analytics, AI and vector workloads, and more.<\/p>\n\n\n\n<p>Valkey is considered a <a href=\"https:\/\/www.red-gate.com\/blog\/sql-vs-nosql-database-model\/\" target=\"_blank\" rel=\"noreferrer noopener\">NoSQL<\/a> database. As such, it solves issues for developers storing flexible structures, including <a href=\"https:\/\/www.red-gate.com\/simple-talk\/databases\/sql-server\/t-sql-programming-sql-server\/introduction-sql-server-spatial-data\/\" target=\"_blank\" rel=\"noreferrer noopener\">geospatial data<\/a>, vectors, and anything else that fits into the <a href=\"https:\/\/db-engines.com\/en\/article\/Key-Value+Stores#:~:text=Encyclopedia%20%3E%20Article-,Key%2Dvalue%20Stores,-Key%2Dvalue%20stores\" target=\"_blank\" rel=\"noreferrer noopener\">key-value database category<\/a>. Valkey is used in industries like gaming, AI systems, and other high-traffic web applications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-why-is-valkey-used-in-these-industries\">Why is Valkey used in these industries? <\/h2>\n\n\n\n<p>Valkey is commonly used in these industries because it provides developers with quite a few advantages:<\/p>\n\n\n<div class=\"block-core-list\">\n<ul class=\"wp-block-list\">\n<li><strong>Low latency<\/strong><br>Since Valkey is primarily an <a href=\"https:\/\/www.mongodb.com\/resources\/basics\/databases\/in-memory-database\" target=\"_blank\" rel=\"noreferrer noopener\">in-memory datastore<\/a>, it stores all of its data in operating memory (RAM), so is able to serve frequently-accessed data from its operating memory. This dramatically reduces load and improves performance.<br><br><\/li>\n\n\n\n<li><strong>Massive throughput<\/strong><br>Valkey&#8217;s infrastructure allows it to process millions of queries per second (depending on specific hardware), which is why it\u2019s used in applications necessitating <a href=\"https:\/\/www.hpe.com\/uk\/en\/what-is\/real-time-processing.html\" target=\"_blank\" rel=\"noreferrer noopener\">real-time processing<\/a>.<br><br><\/li>\n\n\n\n<li><strong>Flexible data structures<\/strong><br>As a NoSQL database, Valkey supports multiple data structures including lists, streams, geospatial data, vectors, and more. Developers use these capabilities to optimize data storage and access patterns based on their exact use case.<br><br><\/li>\n\n\n\n<li><strong>Efficient session management where necessary<\/strong><br>Since Valkey supports automation expiration and read\/write operations, it&#8217;s popular for developers working with user sessions, authentication tokens, and other data. It has built-in support for <a href=\"https:\/\/en.wikipedia.org\/wiki\/Time_to_live\">Time-To-Live<\/a> (TTL), meaning that data can automatically expire after a given period of time.<\/li>\n<\/ul>\n<\/div>\n\n\n<p>For example, running a query like <code>SET session:ID session_data EX 3600<\/code> would:<\/p>\n\n\n<div class=\"block-core-list\">\n<ol class=\"wp-block-list\">\n<li>Create or update a key session:ID (like session:12345\u2026)<br><br><\/li>\n\n\n\n<li>Enable the key to hold the value <code>session_data<\/code>.<br><br><\/li>\n\n\n\n<li>Set the expiration time to 3600 seconds (1 hour.) After an hour passes, this key would be destroyed.<\/li>\n<\/ol>\n<\/div>\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"228\" height=\"595\" src=\"https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-35.png\" alt=\"A graph showing the basic functionality of Valkey\" class=\"wp-image-110678\" srcset=\"https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-35.png 228w, https:\/\/www.red-gate.com\/simple-talk\/wp-content\/uploads\/2026\/05\/image-35-115x300.png 115w\" sizes=\"auto, (max-width: 228px) 100vw, 228px\" \/><figcaption class=\"wp-element-caption\"><em>The<\/em> <em>basic functionality of Valkey<\/em><\/figcaption><\/figure>\n\n\n\n<p>In this case, if we run a query like <code>SET user:1 \u201cBob\u201c<\/code> on Valkey, it&#8217;ll update the <code>key user:1<\/code> with the value of <code>Bob<\/code>. Should the key not already exist, Valkey will create it.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-why-does-valkey-follow-this-format\">Why does Valkey follow this format?<\/h3>\n\n\n\n<p>The reason why Valkey follows such a format is because the \u201c:\u201c here is a <a href=\"https:\/\/www.red-gate.com\/simple-talk\/blogs\/sql-naming-conventions\/\" target=\"_blank\" rel=\"noreferrer noopener\">naming convention<\/a>. It tells Valkey <em>how<\/em> to interact with the data &#8211; for example:<\/p>\n\n\n<div class=\"block-core-list\">\n<ol class=\"wp-block-list\">\n<li>User:1 is a user with the ID of 1.<br><br><\/li>\n\n\n\n<li>Any name after it means that the key bearing a specific ID would have a string value attached to it (e.g. SET user:1 \u201cBob\u201c would affect a key titled user with the ID of 1 and set its string value to \u201cBob\u201c).<br><br><\/li>\n\n\n\n<li><code>Session:token:431426ca26f246bf692f327bbc0c27e6<\/code> would be a session token bearing an MD5 hash.<\/li>\n<\/ol>\n<\/div>\n\n\n<section id=\"my-first-block-block_716067e37957017e6e1b6697881b02cd\" class=\"my-first-block alignwide\">\n    <div class=\"bg-brand-600 text-base-white py-5xl px-4xl rounded-sm bg-gradient-to-r from-brand-600 to-brand-500 red\">\n        <div class=\"gap-4xl items-start md:items-center flex flex-col md:flex-row justify-between\">\n            <div class=\"flex-1 col-span-10 lg:col-span-7\">\n                <h3 class=\"mt-0 font-display mb-2 text-display-sm\">Simple Talk is brought to you by Redgate Software<\/h3>\n                <div class=\"child:last-of-type:mb-0\">\n                                            Take control of your databases with the trusted Database DevOps solutions provider. Automate with confidence, scale securely, and unlock growth through AI.                                    <\/div>\n            <\/div>\n                                            <a href=\"https:\/\/www.red-gate.com\/solutions\/overview\/\" class=\"btn btn--secondary btn--lg\" aria-label=\"Discover how Redgate can help you: Simple Talk is brought to you by Redgate Software\">Discover how Redgate can help you<\/a>\n                    <\/div>\n    <\/div>\n<\/section>\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-a-cve\">What is a CVE?<\/h2>\n\n\n\n<p><strong>CVEs (Common Vulnerabilities and Exposures) are a way for security researchers (and hackers) to map a security flaw to a standardized and globally-recognized identifier, allowing for easier recognition and triage. <\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-what-does-a-cve-entry-look-like\">What does a CVE entry look like?<\/h3>\n\n\n\n<p><strong>A CVE entry looks like <code>CVE-YEAR-ID<\/code>. CVE identifies the vulnerability, YEAR is the year the vulnerability was discovered, and ID is a four-digit serial number identifying the security bug.<\/strong><\/p>\n\n\n\n<p>For example, <code>CVE-2026-6682<\/code> would refer to a vulnerability discovered in 2026 with the ID of 6682.<\/p>\n\n\n\n<p>Knowing this is vital, because <em>no one ID is the same<\/em>. That&#8217;s sort of the entire point of having CVEs in the first place \u2013 each ID maps to one specific vulnerability.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-are-the-4-cves-affecting-valkey-today\">What are the 4 CVEs affecting Valkey today?<\/h2>\n\n\n\n<p>Now for the specific CVEs affecting Valkey. These are:<\/p>\n\n\n\n<p><code>CVE-2025-67733<\/code><\/p>\n\n\n\n<p><code>CVE-2026-21863<\/code><\/p>\n\n\n\n<p><code>CVE-2026-21864<\/code><\/p>\n\n\n\n<p><code>CVE-2026-27623 <\/code><\/p>\n\n\n\n<p>In detail:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>CVE ID<\/strong><\/td><td><strong>About<\/strong><\/td><\/tr><tr><td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-67733\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2025-67733<\/a><\/td><td>Due to code not properly handling <code>NULL<\/code> characters, a malicious party could use commands to return tampered data to users.\u00a0<\/td><\/tr><tr><td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-21863\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-21863<\/a><\/td><td>Certain versions of Valkey may crash due to an attacker sending malformed packets.<\/td><\/tr><tr><td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-21864\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-21864<\/a><\/td><td>Certain versions of Valkey may be intentionally crashed by an attacker. The flaw could be used as a <a href=\"https:\/\/www.cloudflare.com\/learning\/ddos\/glossary\/denial-of-service\/\" target=\"_blank\" rel=\"noreferrer noopener\">denial-of-service (DoS)<\/a> attack vector.<\/td><\/tr><tr><td><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-27623\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2026-27623<\/a><\/td><td>Certain versions of Valkey may be purposefully crashed by an attacker, the flaw could be used as a DoS attack vector.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>All CVEs except <code>CVE-2026-21864<\/code> affect the Valkey server. <\/strong><\/p>\n\n\n\n<p><code>CVE-2026-21864<\/code>, meanwhile, affects <a href=\"https:\/\/valkey.io\/topics\/valkey-bundle\/\" target=\"_blank\" rel=\"noreferrer noopener\">portions of pre-packaged Valkey images<\/a> (Valkey-bloom and Valkey-bundle.) Valkey&#8217;s creators have already released new versions that include security patches for these vulnerabilities.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-to-do-right-now\">What to do right now<\/h2>\n\n\n\n<p><strong>You should upgrade your Valkey installation to a version that isn\u2019t vulnerable to these kinds of attacks.<\/strong><\/p>\n\n\n\n<p>Upgrade to one of the following:<\/p>\n\n\n<div class=\"block-core-list\">\n<ul class=\"wp-block-list\">\n<li><strong>Valkey-bloom 1.0.1 or above<\/strong> if you\u2019re using Valkey-bloom.<br><br><\/li>\n\n\n\n<li><strong>Valkey-server 7.2.12 or above<\/strong> if you\u2019re using Valkey Server 7.<br><br><\/li>\n\n\n\n<li><strong>Valkey-server 8.0.7 or 8.1.6<\/strong> if you\u2019re using Valkey Server 8.<br><br><\/li>\n\n\n\n<li><strong>Valkey-server 9.0.3 or above<\/strong> if you\u2019re running Valkey Server 9.<\/li>\n<\/ul>\n<\/div>\n\n\n<p>If you\u2019re not running Valkey at all, these flaws don\u2019t apply to your infrastructure, and you\u2019re safe.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-these-4-cves-affecting-valkey-mean-for-you\">What these 4 CVEs affecting Valkey mean for you<\/h2>\n\n\n\n<p><strong>With the CVEs being vulnerable mostly to DoS attacks, any unpatched versions of Valkey could be exploited by hackers.<\/strong> <strong>If you\u2019re not running Valkey, you don\u2019t need to worry. If you are, check to see if your version of Valkey is vulnerable to these CVEs or not.<\/strong><\/p>\n\n\n\n<p>After doing so, keep in mind that database security doesn\u2019t end there. Security for any database (or application) is an ongoing process that requires continuous monitoring, timely patching, and proper best practices. <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-67733\" target=\"_blank\" rel=\"noreferrer noopener\">Take a look into the severity rating of one of these CVEs<\/a> \u2013 even DoS-related vulnerabilities are classified as having HIGH severity. This is especially the case for services that depend on Valkey for caching, session storage, rate limiting, or queue management.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-consequences-of-a-successful-attack\">The consequences of a successful attack<\/h2>\n\n\n\n<p>A successful attack against an exposed or unpatched Valkey deployment, using one or more of the aforementioned CVEs, could lead to degraded application performance, customer unsatisfaction, and data vulnerabilities, among other issues.<\/p>\n\n\n\n<p>In environments where <a href=\"https:\/\/www.red-gate.com\/simple-talk\/sysadmin\/general\/7-things-that-high-availability-is-not\/\" target=\"_blank\" rel=\"noreferrer noopener\">high availability<\/a> is critical, even a short disruption in service can translate into financial loss, <a href=\"https:\/\/www.red-gate.com\/de\/blog\/inside-perspectives-the-growing-importance-of-security-and-compliance\/#:~:text=What%20happens%20when%20companies%20fail%20to%20act\" target=\"_blank\" rel=\"noreferrer noopener\">reputation damage<\/a>, and incident response overhead. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-next-steps-and-why-security-is-not-a-one-and-done-situation\">Next steps (and why security is not a &#8216;one-and-done&#8217; situation)<\/h2>\n\n\n\n<p>That\u2019s why you need to continuously educate yourself by attending <a href=\"https:\/\/www.youtube.com\/watch?v=DPFiT6QwZVA\" target=\"_blank\" rel=\"noreferrer noopener\">workshops<\/a>, <a href=\"https:\/\/passdatacommunitysummit.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">conferences<\/a>, reading books, following security researchers, participating in hands-on labs, and staying up to date with vulnerability disclosures affecting the technologies your organization depends on. <\/p>\n\n\n\n<p>Database and application security is not a static field \u2014 attack techniques evolve, and defensive strategies need to evolve alongside them. <a href=\"https:\/\/www.amazon.com\/Black-Hat-OSINT-Leveraging-Intelligence\/dp\/B0GJMV331J\" target=\"_blank\" rel=\"noreferrer noopener\">Black Hat OSINT<\/a> may be a good starting point for those of you that wonder how your own data is stolen, weaponized, and used against you. <a href=\"https:\/\/www.youtube.com\/watch?v=IRli5I9MxOs\" target=\"_blank\" rel=\"noreferrer noopener\">Likewise, keeping an eye out for some YouTube videos related to Valkey<\/a> is a good idea, too.<\/p>\n\n\n\n<section id=\"my-first-block-block_6c1b79a3b7a5f072b7c7485da4ef9d18\" class=\"my-first-block alignwide\">\n    <div class=\"bg-brand-600 text-base-white py-5xl px-4xl rounded-sm bg-gradient-to-r from-brand-600 to-brand-500 red\">\n        <div class=\"gap-4xl items-start md:items-center flex flex-col md:flex-row justify-between\">\n            <div class=\"flex-1 col-span-10 lg:col-span-7\">\n                <h3 class=\"mt-0 font-display mb-2 text-display-sm\">Protect your data. Demonstrate compliance.<\/h3>\n                <div class=\"child:last-of-type:mb-0\">\n                                            With Redgate, stay ahead of threats with real-time monitoring and alerts, protect sensitive data with automated discovery &#038; masking, and demonstrate compliance with traceability across every environment.                                    <\/div>\n            <\/div>\n                                            <a href=\"https:\/\/www.red-gate.com\/solutions\/use-cases\/security-and-compliance\/\" class=\"btn btn--secondary btn--lg\" aria-label=\"Learn more: Protect your data. Demonstrate compliance.\">Learn more<\/a>\n                    <\/div>\n    <\/div>\n<\/section>\n\n\n<section id=\"faq\" class=\"faq-block my-5xl\">\n    <h2>FAQs: The 4 CVEs currently affecting Valkey databases<\/h2>\n\n                        <h3 class=\"mt-4xl\">1. What are the 4 CVEs currently affecting Valkey databases?<\/h3>\n            <div class=\"faq-answer\">\n                <p>4 CVEs affect Valkey right now: <code>CVE-2025-67733<\/code>, <code>CVE-2026-21863<\/code>, <code>CVE-2026-21864<\/code>, and <code>CVE-2026-27623<\/code>. Three of them are denial-of-service (DoS) vectors, and one allows <code>NULL<\/code> character exploitation to return tampered data to users.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">2. Which versions of Valkey are vulnerable?<\/h3>\n            <div class=\"faq-answer\">\n                <p>Any Valkey server below 7.2.12, 8.0.7, 8.1.6, or 9.0.3 is affected. Valkey-bloom versions below 1.0.1 are also vulnerable via <code>CVE-2026-21864<\/code>.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">3. How do I patch my Valkey installation?<\/h3>\n            <div class=\"faq-answer\">\n                <p>Upgrade to the relevant patched release: Valkey 7 \u2192 7.2.12+, Valkey 8 \u2192 8.0.7 or 8.1.6, Valkey 9 \u2192 9.0.3+, Valkey-bloom \u2192 1.0.1+. Apply the update immediately if your deployment is public-facing.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">4. What is CVE-2026-21864 and what does it affect?<\/h3>\n            <div class=\"faq-answer\">\n                <p>Unlike the other three CVEs, <code>CVE-2026-21864<\/code> targets pre-packaged Valkey images \u2014 specifically Valkey-bloom and Valkey-bundle \u2014 rather than the server itself. An attacker can use it to intentionally crash the service as a DoS attack.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">5. Am I at risk if I don&#039;t use Valkey?<\/h3>\n            <div class=\"faq-answer\">\n                <p>No. These vulnerabilities are specific to Valkey deployments. If your infrastructure does not run Valkey, none of these CVEs apply to you.<\/p>\n            <\/div>\n                    <h3 class=\"mt-4xl\">6. What&#039;s the real-world impact of an unpatched Valkey deployment?<\/h3>\n            <div class=\"faq-answer\">\n                <p>A successful exploit can cause service outages, data integrity issues, financial loss, and reputational damage \u2014 especially for apps relying on Valkey for caching, session storage, rate limiting, or queue management.<\/p>\n            <\/div>\n            <\/section>\n","protected":false},"excerpt":{"rendered":"<p>4 CVEs currently affect Valkey databases. Learn what they are, which Valkey versions are vulnerable, and what you should do right now.&hellip;<\/p>\n","protected":false},"author":339547,"featured_media":110682,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[46,143523],"tags":[4168,4170,4619,5765],"coauthors":[146040],"class_list":["post-110677","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-and-compliance","category-databases","tag-database","tag-database-administration","tag-security","tag-security-and-compliance"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110677","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/users\/339547"}],"replies":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/comments?post=110677"}],"version-history":[{"count":4,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110677\/revisions"}],"predecessor-version":[{"id":110689,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/110677\/revisions\/110689"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/media\/110682"}],"wp:attachment":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/media?parent=110677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/categories?post=110677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/tags?post=110677"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/coauthors?post=110677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}