---
title: "Aerospike Database 7.2.0.20 Release Notes"
description: "Release notes for Aerospike Database 7.2.0.20, covering security fixes for CDT and KVS, XDR stack overflow, CDT out-of-bounds reads, and memory fixes."
---

# Aerospike Database 7.2.0.20 Release Notes

> For the complete documentation index see: [llms.txt](https://aerospike.com/docs/llms.txt)
> 
> All documentation pages available in markdown.

June 19, 2026  |  **[Download](https://aerospike.com/download/)**

## Security fixes

### AER-6925

(CDT) CVE-2026-PENDING Fixed a rare crash from an out-of-bounds read when comparing msgpack integers.

Editions affected: Enterprise, Federal & Community

### AER-6926

(KVS) CVE-2026-55749 Fixed a memory leak when a proxy target received malformed or oversized requests.

Editions affected: Enterprise, Federal & Community

### AER-6930

(CDT) CVE-2026-55753 Fixed list or map values in a filter expression bypassing validation.

Editions affected: Enterprise, Federal & Community

## Bug fixes

### AER-6921

(KVS) Fix use\_mounts memory leak on xmem pmem initialization error paths.

Editions affected: Enterprise, Federal & Community

### AER-6923

(MEMORY) Restrict jem-stats output file path to prevent arbitrary file writes.

Editions affected: Enterprise, Federal & Community

### AER-6924

(CDT) Fixed out-of-bounds read when parsing crafted truncated msgpack wire data.

Editions affected: Enterprise, Federal & Community

### AER-6929

(XDR) Fix unbounded stack growth when retrieving datacenter state.

Editions affected: Enterprise & Federal Only

## Known issues

[Known issues for 7.2.0.20](https://aerospike.com/docs/database/reference/issues?search=7.2.0.20)