PT-2026-22163 · Elastic · Kibana

Ismisepaul

Published

2026-02-26

Updated

2026-03-03

CVE-2026-26934

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Kibana (affected versions not specified)

Description An attacker with view-only privileges can cause a Denial of Service through Input Data Manipulation. A specially crafted payload can lead to excessive resource consumption, potentially making Kibana unresponsive or causing it to crash. The issue stems from improper validation of the specified quantity in input.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284

Related Identifiers

BIT-ELK-2026-26934

BIT-KIBANA-2026-26934

CVE-2026-26934

Affected Products

Kibana

PT-2026-22163 · Elastic · Kibana

CVE-2026-26934

Weakness Enumeration

Related Identifiers

Affected Products

References · 7