CVE-2026-0531

Name of the Vulnerable Software and Affected Versions Kibana Fleet (affected versions not specified)

Description An issue in Kibana Fleet allows for excessive resource allocation through a specially crafted bulk retrieval request. An attacker with low-level privileges, such as the viewer role providing read access to agent policies, can trigger redundant database retrieval operations. This process consumes memory rapidly, leading to a server crash and resulting in a denial of service for all users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.