QSearchQSearch

CVE-2026-47216

Typesense is a fast, typo-tolerant search engine

Published: 2026-06-12 · Last updated: 2026-06-15

Severity and scoring

CWE
CWE-754

Description

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is an unauthenticated denial-of-service vulnerability in the /multi_search endpoint. A specially crafted request can trigger an unhandled exception during request processing, causing the server process to terminate. This issue can be exploited over the network without authentication and results in service unavailability. The duration of impact may vary depending on system configuration and dataset size. This issue has been patched in versions 29.1 and 30.2.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-0269 A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user...
  • CVE-2026-46541 Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm (7.5 HIGH)
  • CVE-2026-45678 OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (7.5 HIGH)
  • CVE-2026-49325 Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows... (4.6 MEDIUM)
  • CVE-2026-49318 Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows ... (2.4 LOW)