CVE-2026-4799

Summary

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL.

Affected Software

VendorProductVersion RangeStatus
floragunnSearch Guard FLX1.0.0 <= 4.0.1affected

Weaknesses

  • CWE-601: CWE-601 URL redirection to untrusted site ('open redirect')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References