PT-2025-24681 · Keyoti · Searchunit

Published 2025-06-10 · Updated 2025-06-10 · CVE-2025-44044

CVSS v3.1

7.5 High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Keyoti SearchUnit versions prior to 9.0.0

Description

An XML External Entity (XXE) vulnerability allows an attacker to exfiltrate files from the underlying operating system by forcing a vulnerable host to parse maliciously crafted XML and/or DTD files.

Recommendations

For versions prior to 9.0.0, update to version 9.0.0 or later to resolve the issue. As a temporary workaround, consider restricting the parsing of external XML and DTD files to minimize the risk of exploitation. Avoid using vulnerable SearchUnit configurations until the issue is resolved.

Fix

XXE

Weakness Enumeration

Related Identifiers

CVE-2025-44044

Affected Products

Searchunit