What is CVE-2026-4819?

CVE-2026-4819 is a medium-severity vulnerability in Floragunn Search Guard Flx, classified under Insertion of Sensitive Information into Log File. CVSS score: 4.9/10. Published 2026-03-31.

How severe is CVE-2026-4819?

Medium severity. CVSS v3 base score is 4.9 out of 10.

Information disclosure in Floragunn Search Guard Flx

CVE-2026-4819

In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging into Kibana.

EPSS: 0.000 (13.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.9 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N.

Affected products

Floragunn Search Guard Flx — versions 1.0.0

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File
CWE-522 — Insufficiently Protected Credentials

References

search-guard.com/cve-advisory/
docs.search-guard.com/latest/changelog-searchguard-flx-4_1_0

Frequently asked questions

What is CVE-2026-4819?: CVE-2026-4819 is a medium-severity vulnerability in Floragunn Search Guard Flx, classified under Insertion of Sensitive Information into Log File. CVSS score: 4.9/10. Published 2026-03-31.
How severe is CVE-2026-4819?: Medium severity. CVSS v3 base score is 4.9 out of 10.