{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4799", "assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255", "state": "PUBLISHED", "assignerShortName": "floragunn", "dateReserved": "2026-03-25T08:43:23.387Z", "datePublished": "2026-03-31T14:41:05.646Z", "dateUpdated": "2026-03-31T17:20:02.797Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9f311a02-c44f-4938-8530-9219246b8255", "shortName": "floragunn", "dateUpdated": "2026-03-31T14:41:05.646Z"}, "title": "Open redirect vulnerability in Search Guard Kibana Plugin via manipulated requests", "datePublic": "2026-03-31T10:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-601", "description": "CWE-601 URL redirection to untrusted site ('open redirect')", "type": "CWE"}]}], "affected": [{"vendor": "floragunn", "product": "Search Guard FLX", "versions": [{"status": "affected", "version": "1.0.0", "lessThanOrEqual": "4.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL."}]}], "references": [{"url": "https://search-guard.com/cve-advisory/"}, {"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T17:19:54.253854Z", "id": "CVE-2026-4799", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T17:20:02.797Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4799", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T17:19:54.253854Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T17:19:58.969Z"}}], "cna": {"title": "Open redirect vulnerability in Search Guard Kibana Plugin via manipulated requests", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "floragunn", "product": "Search Guard FLX", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "semver", "lessThanOrEqual": "4.0.1"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-31T10:00:00.000Z", "references": [{"url": "https://search-guard.com/cve-advisory/"}, {"url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL.", "supportingMedia": [{"type": "text/html", "value": "In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL redirection to untrusted site ('open redirect')"}]}], "providerMetadata": {"orgId": "9f311a02-c44f-4938-8530-9219246b8255", "shortName": "floragunn", "dateUpdated": "2026-03-31T14:41:05.646Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4799", "state": "PUBLISHED", "dateUpdated": "2026-03-31T17:20:02.797Z", "dateReserved": "2026-03-25T08:43:23.387Z", "assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255", "datePublished": "2026-03-31T14:41:05.646Z", "assignerShortName": "floragunn"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL."}], "id": "CVE-2026-4799", "lastModified": "2026-03-31T15:16:21.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@search-guard.com", "type": "Secondary"}]}, "published": "2026-03-31T15:16:21.137", "references": [{"source": "security@search-guard.com", "url": "https://docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0"}, {"source": "security@search-guard.com", "url": "https://search-guard.com/cve-advisory/"}], "sourceIdentifier": "security@search-guard.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "security@search-guard.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[1.0.0,4.0.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Search Guard FLX", "source": "cna", "vendor": "floragunn"}, "product": "search_guard_flx", "vendor": "floragunn"}], "analysis": {"en": {"generated_at": "2026-03-31T16:22:05.035906+00:00", "value": {"mitigation_remediation": ["Upgrade Search Guard FLX to version 4.1.0 or later", "Verify that the new version is installed on all Kibana instances", "Monitor for any remaining redirects in user traffic", "Implement network controls to block redirection to untrusted domains if upgrade is delayed"], "summary": {"action": "Upgrade", "impact": "Open Redirect"}, "threat_synthesis": {"affected_systems": "This flaw was discovered in Floragunn\u2019s Search Guard FLX plugin for Kibana, affecting all versions up to and including 4.0.1. The plugin is part of the Search Guard ecosystem and is deployed in Kibana instances that provide search and security functionalities. Systems running any of these versions without the latest update are vulnerable.", "description_and_impact": "The vulnerability allows an attacker to inject a crafted request that results in the Search Guard FLX plugin redirecting a user to an arbitrary, potentially malicious URL. This is an Open Redirect (CWE\u2011601) that can be exploited to facilitate phishing attacks or to trick users into visiting malicious sites. The impact is limited to the user experience and confidentiality of the user\u2019s navigation context; it does not grant code execution or cause direct damage to the system, but it can be leveraged for social engineering attacks.", "risk_and_exploitability": "The CVSS score of 4.3 categorizes the issue as moderate. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog, indicating a lower current threat level. The attack vector is likely local or remote via web requests to Kibana, where an attacker could craft a URL that triggers the redirect. Although the effect is limited to redirecting users, the lack of immediate disabling features means that a website could be used for phishing campaigns, so administrators should treat this as medium risk until patched."}}}}, "created": "2026-03-31T19:54:20.121706+00:00", "updated": "2026-03-31T20:38:15.506358+00:00", "vendors": ["floragunn", "floragunn$PRODUCT$search_guard_flx"]}