9 matches found

Vulnrichment
added 4 hours ago · 2 views

CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

CVSS 6 · AI score 5.3
Exploits: 0 · References: 1

Cvelist
added 4 hours ago · 6 views

CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

CVSS 6
Exploits: 0 · References: 1

CVE
added 4 hours ago · 6 views

CVE-2026-47225

Type: CVE-2026-47225 affects Typesense search engine. A cache isolation flaw in versions prior to 29.1 and 30.2 affects requests that use both server-side search result caching and Scoped Search API Keys. Under certain request ordering, cached results could be reused across requests with differen...

CVSS 6 · AI score 5.3
Exploits: 0 · References: 1

EUVD
added 4 hours ago · 3 views

EUVD-2026-36511

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

CVSS 6 · AI score 5.3
Exploits: 0 · References: 1

Positive Technologies
added 21 hours ago · 6 views

PT-2026-48945

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

CVSS 6 · AI score 5.2
Exploits: 0 · References: 2

Snyk
added 2022/05/14 1:9 a.m. · 2 views

SQL Injection

Overview katello is a package that adds Content and Subscription Management to Foreman Affected versions of this package are vulnerable to SQL Injection in the scopedsearch function in app/controllers/katello/api/v2/apicontroller.rb, exploitable via the sortby and sortorder parameters. Remediatio...

CVSS 8.8 · AI score 7.2 · EPSS 0.00393
Exploits: 0 · References: 2

Veracode
added 2019/01/15 9:12 a.m. · 25 views

Authenticated SQL Injection

katello is vulnerable to authenticated SQL injection attacks. These attacks are possible because there is a flaw in the input sanitization for the scoped search parameters sortby and sortorder...

CVSS 8.8 · AI score 7.1 · EPSS 0.00393
Exploits: 0 · References: 6 · Affected Software: 1

Positive Technologies
added 2016/06/07 12:0 a.m. · 3 views

PT-2016-5356 · Red Hat · Katello

Name of the Vulnerable Software and Affected Versions: Katello affected versions not specified Description: The issue concerns multiple SQL injection vulnerabilities in the scoped search function. These vulnerabilities allow remote authenticated users to execute arbitrary SQL commands. The...

CVSS 8.8 · AI score 7.3 · EPSS 0.00393
Exploits: 0 · References: 9

RedhatCVE
added 2016/05/16 6:48 p.m. · 24 views

CVE-2016-3072

An input sanitization flaw was found in the scoped search parameters sortby and sortorder in the REST API. An authenticated user could use this flaw to perform an SQL injection attack on the Katello back end database...

CVSS 8.8 · AI score 2.6 · EPSS 0.00393
Exploits: 0 · References: 1