CVE-2026-31215: n/a
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /{index_name}/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied path_or_url parameter. This allows unauthenticated remote attackers to send crafted requests that trigger the deletion of arbitrary documents from ElasticSearch indices and corresponding files from the MinIO storage system. Successful exploitation leads to data destruction and denial of service.
AI Analysis
Technical Summary
The nexent v1.7.5.2 backend service exposes an unauthenticated arbitrary file deletion vulnerability via its ElasticSearch DELETE /{index_name}/documents endpoint. Due to missing authentication and authorization controls and lack of validation on the path_or_url parameter, attackers can remotely send crafted requests to delete arbitrary documents in ElasticSearch indices and corresponding files stored in MinIO. This leads to data loss and service disruption. There is no known patch or vendor advisory detailing remediation at this time.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to delete arbitrary data from ElasticSearch indices and associated files in MinIO storage, causing data destruction and denial of service to the affected backend service.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the vulnerable endpoint and implement compensating controls such as network-level authentication or firewall rules to prevent unauthorized access.
CVE-2026-31215: n/a
Description
The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /{index_name}/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied path_or_url parameter. This allows unauthenticated remote attackers to send crafted requests that trigger the deletion of arbitrary documents from ElasticSearch indices and corresponding files from the MinIO storage system. Successful exploitation leads to data destruction and denial of service.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The nexent v1.7.5.2 backend service exposes an unauthenticated arbitrary file deletion vulnerability via its ElasticSearch DELETE /{index_name}/documents endpoint. Due to missing authentication and authorization controls and lack of validation on the path_or_url parameter, attackers can remotely send crafted requests to delete arbitrary documents in ElasticSearch indices and corresponding files stored in MinIO. This leads to data loss and service disruption. There is no known patch or vendor advisory detailing remediation at this time.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to delete arbitrary data from ElasticSearch indices and associated files in MinIO storage, causing data destruction and denial of service to the affected backend service.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict network access to the vulnerable endpoint and implement compensating controls such as network-level authentication or firewall rules to prevent unauthorized access.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-03-09T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a034c84cbff5d8610fe99ce
Added to database: 5/12/2026, 3:51:32 PM
Last enriched: 5/12/2026, 4:08:39 PM
Last updated: 5/13/2026, 4:57:59 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.