Hi everyone,
There is a major security hole in ERPNext’s Redis configuration. Your server is vulnerable if you have not setup a firewall.
Action: Please add bind 127.0.0.1 in all the redis configuration files located at frappe-bench/config folder.
If you have been updating ERPNext, running bench update will fix the issue.
Best,
Anand Doshi