I Found 39 Algolia Admin Keys Exposed Across Open Source Documentation Sites
Summary
A security researcher uncovers 39 Algolia admin keys exposed in open source DocSearch configurations, discovered through frontend scraping, GitHub history, and TruffleHog scans. The keys grant full admin permissions on search indices, posing risks like index modification, data exfiltration, and injection of malicious content. Root cause is widespread misuse of admin keys in frontend configs, with remediation steps urging owners to replace with search-only keys and audit deployments.