Every CVE whose affected-product data names Amazon Opensearch, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2022-31115 — CVSS 8.8 (high): opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the ruby `YAML.load` function was…
CVE-2022-35980 — CVSS 7.5 (high): OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of…
CVE-2025-9624 — CVSS 7.5 (high): A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue…
CVE-2022-41918 — CVSS 6.3 (medium): OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained…
CVE-2023-23613 — CVSS 5.7 (medium): OpenSearch is an open source distributed and RESTful search engine. In affected versions there is an issue in the implementation of…
CVE-2023-45807 — CVSS 5.4 (medium): OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an…
CVE-2023-25806 — CVSS 5.3 (medium): OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy…
CVE-2023-31141 — CVSS 4.8 (medium): OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there…
CVE-2023-23612 — CVSS 4.7 (medium): OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity…
CVE-2023-23933 — CVSS 4.3 (medium): OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. There is an issue with the application of…
CVE-2022-41917 — CVSS 4.3 (medium): OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when…