Medium severityNVD Advisory· Published Nov 14, 2025· Updated Apr 15, 2026
CVE-2025-12149
CVE-2025-12149
Description
In Search Guard FLX versions 3.1.2 and earlier, while Document-Level Security (DLS) is correctly enforced elsewhere, when the search is triggered from a Signals watch, the DLS rule is not enforced, allowing access to all documents in the queried indices.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=3.1.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.