There is a major security hole in ERPNext’s Redis configuration. Your server is vulnerable if you have not setup a firewall.
Action: Please add
bind 127.0.0.1 in all the redis configuration files located at
If you have been updating ERPNext, running
bench update will fix the issue.