CVE-2026-4818

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4819

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

CVE-2026-4818

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4819

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

CVE-2026-4799

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL...

CVE-2026-4819 Search Guard audit logs can contain under certain conditions user credentials

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

CVE-2026-4819 Search Guard audit logs can contain under certain conditions user credentials

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

CVE-2026-4819

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4818

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4818

In Search Guard FLX versions 3.0.0 through 4.0.1, a vulnerability allows users without the necessary privileges to execute some management operations against data streams. The CVE indicates a failure to properly restrict certain management actions, enabling potential unauthorized access to sensit...

CVE-2026-4799 Open redirect vulnerability in Search Guard Kibana Plugin via manipulated requests

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL...

CVE-2026-4799

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL...

PT-2026-29281

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana...

Search Guard FLX 安全漏洞

Search Guard FLX is an encryption, authentication, and authorization system developed by the German company Search Guard. Versions of Search Guard FLX prior to 4.0.1 contained security vulnerabilities, which were caused by the possibility of redirecting users to untrusted URLs using specially...

PT-2026-29280

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

Search Guard FLX 安全漏洞

Search Guard FLX is an encryption, authentication, and authorization system developed by the German company Search Guard. Versions 1.0.0 to 4.0.1 of Search Guard FLX contain security vulnerabilities, as the audit log function may record credentials of users who log in to Kibana...

CVE-2025-13653

In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges...

CVE-2025-13653 Unauthorized access to documents in data streams with specially crafted requests

In Search Guard FLX versions from 3.1.0 up to 4.0.0 with enterprise modules being disabled, there exists an issue which allows authenticated users to use specially crafted requests to read documents from data streams without having the respective privileges...