CVE-2026-26934 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Servi…
Medium CVSS: 6.5

CVE-2026-26934

Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted, malformed payload causing excessive resource consumption and resulting in Kibana becoming unresponsive or crashing.
Vendor
Elastic
Product
Kibana
CWE
CWE-1284
Yayın Tarihi
2026-02-26 18:23:07
Güncelleme
2026-03-02 15:59:55
Source Identifier
security@elastic.co
KEV Date Added
-

Kategoriler

CWE-1284 Kibana MEDIUM Elastic 2026

Referanslar

https://discuss.elastic.co/t/kibana-8-19-12-9-2-6-9-3-1-security-update-esa-2026-12/385248