PatchSiren cyber security CVE debrief
CVE-2026-47216 typesense CVE debrief
CVE-2026-47216 is an unauthenticated denial-of-service vulnerability in the /multi_search endpoint of Typesense, a fast, typo-tolerant search engine. A specially crafted request can trigger an unhandled exception during request processing, causing the server process to terminate. This issue can be exploited over the network without authentication and results in service unavailability. The duration of impact may vary depending on system configuration and dataset size. This issue has been patched in versions 29.1 and 30.2.
- Vendor
- typesense
- Product
- Unknown
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-12
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-12
- Advisory updated
- 2026-06-12
Who should care
Users of Typesense versions prior to 29.1 and 30.2 should apply the patches to prevent service unavailability due to this unauthenticated denial-of-service vulnerability.
Technical summary
CVE-2026-47216 is an unauthenticated denial-of-service vulnerability in the /multi_search endpoint of Typesense. The vulnerability has a CVSS score of 8.7 and is classified as HIGH severity. The vulnerability was published and modified on June 12, 2026.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches in versions 29.1 and 30.2 or later to prevent service unavailability due to this unauthenticated denial-of-service vulnerability.
Evidence notes
The vulnerability was published and modified on June 12, 2026. The CVSS score is 8.7, indicating HIGH severity.
Official resources
-
CVE-2026-47216 CVE record
CVE.org
-
CVE-2026-47216 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47216 was published and modified on June 12, 2026.