A vulnerability described as critical has been identified in Aas-ee open-webSearch up to 2.1.6 . This affects an unknown part. Executing a manipulation can lead to server-side request forgery. This vulnerability is handled as CVE-2026-42260 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.