PT-2026-54765 · Elastic+1 · Elasticsearch+1

Published

2026-07-01

·

Updated

2026-07-01

·

CVE-2026-46487

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions GeoNetwork versions 4.0.0-alpha.1 through 4.4.10
Description An authorization bypass exists in the Elasticsearch-backed search API. The search proxy layer is designed to inject access-control and visibility filters into requests before they reach the Elasticsearch index. However, under certain conditions, this filtering step is skipped, allowing unauthenticated users to retrieve indexed metadata records that should be restricted. This failure bypasses multiple security layers, including group-based record visibility, draft record exclusion, record ownership checks, and portal-specific filtering, leading to unauthorized information disclosure.
Recommendations Update GeoNetwork to a version later than 4.4.10.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-46487
GHSA-582Q-V28R-7CXR

Affected Products

Elasticsearch
Geonetwork