AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-27f5-xjrr-q9ff: Malware in @opensearch-project/opensearch

criticalvulnerability

security

Source: GitHub Advisory DatabaseMay 19, 2026

Summary

An attacker gained unauthorized access to the OpenSearch Project's CI infrastructure (the automated system that builds and releases code) and injected malware into four versions of the `@opensearch-project/opensearch` package released on May 12, 2026. Any computer that installed these compromised versions between 00:00-10:00 UTC on May 12, 2026 should be considered fully compromised.

Solution / Mitigation

Immediately rotate all secrets and keys (like passwords and authentication tokens) from an alternate, uncompromised system. Remove the affected packages from the compromised computer, though this may not eliminate all malicious software already installed. Any computer running the affected versions during the compromise window should be considered fully compromised and handled accordingly.

Classification

Attack SophisticationModerate

Affected Packages

@opensearch-project/opensearch@= 3.8.0@opensearch-project/opensearch@= 3.7.0@opensearch-project/opensearch@= 3.6.2@opensearch-project/opensearch@= 3.5.3

Monthly digest — independent AI security research

Original source: https://github.com/advisories/GHSA-27f5-xjrr-q9ff

First tracked: May 19, 2026 at 02:00 PM

Classified by LLM (prompt v3) · confidence: 95%