Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Rack Web Server Interface: Security Flaw in Logstash FIPS Package
CLEANSTART-2026-XJ84245
Summary
A security issue in the Logstash FIPS package affects users of the popular web server interface Rack. This issue can allow an attacker to potentially execute malicious code. Update to the latest version of the Logstash FIPS package to fix the issue.
What to do
- Update logstash-fips to version 9.2.6-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | logstash-fips | <= 9.2.6-r0 | 9.2.6-r0 |
Original title
Rack is a modular Ruby web server interface
Original description
Multiple security vulnerabilities affect the logstash-fips package. Rack is a modular Ruby web server interface. See references for individual vulnerability details.
osv CVSS3.1
9.8
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
- https://osv.dev/vulnerability/CVE-2025-61770 URL
- https://osv.dev/vulnerability/CVE-2025-61771 URL
- https://osv.dev/vulnerability/CVE-2025-61772 URL
- https://osv.dev/vulnerability/CVE-2026-25500 URL
- https://osv.dev/vulnerability/GHSA-22h5-pq3x-2gf2 URL
- https://osv.dev/vulnerability/GHSA-2xgq-q749-89fq URL
- https://osv.dev/vulnerability/GHSA-4cx2-fc23-5wg6 URL
- https://osv.dev/vulnerability/GHSA-6xw4-3v39-52mm URL
- https://osv.dev/vulnerability/GHSA-72qj-48g4-5xgx URL
- https://osv.dev/vulnerability/GHSA-c2f4-jgmc-q2r5 URL
- https://osv.dev/vulnerability/GHSA-gh9q-2xrm-x6qv URL
- https://osv.dev/vulnerability/GHSA-mhwm-jh88-3gjf URL
- https://osv.dev/vulnerability/GHSA-mr3q-g2mv-mr4q URL
- https://osv.dev/vulnerability/GHSA-mxw3-3hh2-x2mh URL
- https://osv.dev/vulnerability/GHSA-p543-xpfm-54cp URL
- https://osv.dev/vulnerability/GHSA-vc5p-v9hr-52mj URL
- https://osv.dev/vulnerability/GHSA-vqg5-3255-v292 URL
- https://osv.dev/vulnerability/GHSA-w9pc-fmgc-vxvw URL
- https://osv.dev/vulnerability/GHSA-whrj-4476-wvmp URL
- https://osv.dev/vulnerability/GHSA-wpv5-97wm-hp9c URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61770 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61771 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61772 URL
- https://nvd.nist.gov/vuln/detail/CVE-2026-25500 URL
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026