CVE-2026-33463

Name of the Vulnerable Software and Affected Versions Kibana (affected versions not specified)

Description A logic error in the validation of expiration timestamps allows a time-bounded access token to remain usable after its intended validity window has closed. This enables an unauthenticated actor who possesses the token to retrieve associated content after the token has expired, leading to unauthorized information disclosure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.