Home

Description

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams.

PUBLISHED Reserved 2026-03-25 | Published 2026-03-31 | Updated 2026-03-31 | Assigner floragunn




MEDIUM: 6.8CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-285

CWE-862

Product status

Default status
unaffected

3.0.0 (semver)
affected

References

search-guard.com/cve-advisory/

docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0

cve.org (CVE-2026-4818)

nvd.nist.gov (CVE-2026-4818)

Download JSON