Missing Authorization

Overview org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene Affected versions of this package are vulnerable to Missing Authorization in the Rule Based Authorization Plugin, by which the getPermissionName function can be forced to return null. An attacke...

UBUNTU-CVE-2026-22022

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

EUVD-2026-3666

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

Linux Distros Unpatched Vulnerability : CVE-2023-50290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables...

Google Chrome < 132.0.6834.83 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 132.0.6834.83. It is, therefore, affected by multiple vulnerabilities as referenced in the 202501stable-channel-update-for-desktop14 advisory. - Inappropriate implementation in Compositing in Google Chrome prior to...

Sensitive Information Exposure

org.apache.solr: solr-core is vulnerable to Sensitive Information Exposure. The vulnerability is caused due to publishing all unprotected environment variables available to each Apache Solr instance thorough Solr Metrics API. An attacker can access Sensitive Information by exploiting this...