1. LightRAG OpenSearch Backend Exposed to Wildcard DoS via Unsanitized Search Input (CWE-89)
A security researcher has identified and patched a vulnerability in LightRAG's OpenSearch integration that allows authenticated users to trigger denial-of-service conditions by injecting pathological wildcard patterns into search queries. The flaw, traced to improper input handling in `lightrag/kg/opensearch_impl.py`, ...
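The following is an added example, not LightRAG's code and not the patch described above. It shows one common way to keep user-supplied text from acting as wildcard syntax in an OpenSearch `wildcard` query: escape `\`, `*` and `?`, and cap the term length. The field name `content`, the 128-character cap and all helper names are assumptions.

```python
MAX_TERM_LEN = 128  # assumed cap; tune to the longest legitimate search term
_WILDCARD_META = ("\\", "*", "?")  # backslash is the wildcard escape character


def escape_wildcard(term: str) -> str:
    """Return `term` with wildcard metacharacters backslash-escaped."""
    out = []
    for ch in term:
        if ch in _WILDCARD_META:
            out.append("\\")
        out.append(ch)
    return "".join(out)


def build_contains_query(field: str, user_text: str) -> dict:
    """Build a substring-match wildcard query in which only the two outer
    `*` are live wildcards; everything the user typed matches literally."""
    if not isinstance(user_text, str):
        raise TypeError("search text must be a string")
    term = user_text.strip()
    if not term:
        raise ValueError("empty search text")
    if len(term) > MAX_TERM_LEN:
        raise ValueError("search text too long")
    return {"query": {"wildcard": {field: {"value": f"*{escape_wildcard(term)}*"}}}}


def live_wildcards(pattern: str) -> int:
    """Count unescaped `*`/`?` in a pattern (a check for tests or logging)."""
    count, i = 0, 0
    while i < len(pattern):
        if pattern[i] == "\\":
            i += 2  # skip the backslash and the character it escapes
            continue
        if pattern[i] in "*?":
            count += 1
        i += 1
    return count


if __name__ == "__main__":
    sample = "a*b?c\\d"  # constructed input, not taken from the advisory
    query = build_contains_query("content", sample)  # "content" is hypothetical
    print(query)
    print("live wildcards:", live_wildcards(query["query"]["wildcard"]["content"]["value"]))
```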