Lucene search
+L

8 matches found

NVD
NVD
added 2026/06/12 6:16 p.m.15 views

CVE-2026-47225

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 5:12 p.m.17 views

CVE-2026-47225

Type: CVE-2026-47225 affects Typesense search engine. A cache isolation flaw in versions prior to 29.1 and 30.2 affects requests that use both server-side search result caching and Scoped Search API Keys. Under certain request ordering, cached results could be reused across requests with differen...

6CVSS5.3AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 5:12 p.m.12 views

EUVD-2026-36511

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS5.3AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 5:12 p.m.5 views

CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS5.9AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48945

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS5.2AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 6:36 p.m.21 views

GHSA-8P34-64R3-MWG8 Net::IMAP: Command Injection via non-synchronizing literal in "raw" argument

Several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. Details Raw...

5.8CVSS5.7AI score0.00491EPSS
Exploits0References6
CNVD
CNVD
added 2016/07/11 12:0 a.m.9 views

SQL injection vulnerability in the searchKeys parameter of the showresult.jsp page of the newspaper system of Beijing Zixin Newspaper Technology Development Co.

Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2016/07/11 12:0 a.m.7 views

SQL injection vulnerability in the searchKeys parameter of newspaper system advresult.jsp page at Beijing Zixin Newspaper Technology Development Co.

Zixin Newspaper Digital Newspaper System is a professional information-based multimedia publishing platform for internal journals, newspapers and magazines in different industries, such as newspapers, magazines, schools, groups of enterprises, governments and non-profit organizations. A SQL...

7.6AI score
Exploits0References1
Rows per page
Query Builder