PT-2026-22163 · Elastic · Kibana

Ismisepaul

Publicado

2026-02-26

Atualizado

2026-03-03

CVE-2026-26934

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Kibana (affected versions not specified)

Description An attacker with view-only privileges can cause a Denial of Service through Input Data Manipulation. A specially crafted payload can lead to excessive resource consumption, potentially making Kibana unresponsive or causing it to crash. The issue stems from improper validation of the specified quantity in input.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1284

Identificadores relacionados

BIT-ELK-2026-26934

BIT-KIBANA-2026-26934

CVE-2026-26934

Produtos afetados

Kibana

PT-2026-22163 · Elastic · Kibana

CVE-2026-26934

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7