Known Vulnerabilities for X-pack by Elasticsearch
Listed below are 1 of the newest known vulnerabilities associated with "X-pack" by "Elasticsearch".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59702 json | repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that allows unauthenticated attac... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-55895 json | Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:Netr... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-52810 json | Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/git-receive-pack using th... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-50014 json | pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to gi... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-49127 json | Music Player Daemon (MPD) before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm_unpack_24be functi... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2026-48827 json | Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pac... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-47734 json | Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version... | Not Provided | 2026-06-10 | 2026-06-10 |
| CVE-2026-47162 json | Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists i... | Not Provided | 2026-06-11 | 2026-06-30 |
| CVE-2026-44451 json | Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX ... | Not Provided | 2026-05-26 | 2026-05-27 |
| CVE-2026-43360 json | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to nam... | Not Provided | 2026-05-08 | 2026-05-11 |