| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33466 | Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write | Elastic | Logstash | High | 8.1 | 2026-04-08 16:50:42 | Deep Dive |
| CVE-2026-33459 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-04-08 16:46:03 | Deep Dive |
| CVE-2026-33460 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | Elastic | Kibana | Medium | 4.3 | 2026-04-08 16:43:31 | Deep Dive |
| CVE-2026-33461 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | Elastic | Kibana | High | 7.7 | 2026-04-08 16:41:27 | Deep Dive |
| CVE-2026-4498 | Execution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scope | Elastic | Kibana | High | 7.7 | 2026-04-08 16:38:59 | Deep Dive |
| CVE-2026-28261 | Dell ObjectScale和Dell Elastic Cloud Storage 日志信息泄露漏洞 | Dell | Elastic Cloud Storage | High | 7.8 | 2026-04-08 12:43:54 | Deep Dive |
| CVE-2026-26940 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-03-19 17:14:32 | Deep Dive |
| CVE-2026-26939 | Missing Authorization in Kibana Leading to Unauthorized Endpoint Response Action Configuration | Elastic | Kibana | Medium | 6.5 | 2026-03-19 17:11:17 | Deep Dive |
| CVE-2026-26933 | Improper Validation of Array Index in Packetbeat Leading to Denial of Service | Elastic | Packetbeat | Medium | 5.7 | 2026-03-19 17:08:46 | Deep Dive |
| CVE-2026-26931 | Memory Allocation with Excessive Size Value in Metricbeat Leading to Denial of Service | Elastic | Metricbeat | Medium | 5.7 | 2026-03-19 17:05:58 | Deep Dive |
| CVE-2026-26938 | Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF) | Elastic | Kibana | High | 8.6 | 2026-02-26 17:56:49 | Deep Dive |
| CVE-2026-26937 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:51:35 | Deep Dive |
| CVE-2026-26936 | Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 4.9 | 2026-02-26 17:07:41 | Deep Dive |
| CVE-2026-26935 | Improper Input Validation in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:05:17 | Deep Dive |
| CVE-2026-26934 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:03:17 | Deep Dive |
| CVE-2026-26932 | Improper Validation of Array Index in Packetbeat Leading to Denial of Service | Elastic | Packetbeat | Medium | 5.7 | 2026-02-26 16:59:55 | Deep Dive |
| CVE-2026-0532 | External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector | Elastic | Kibana | High | 8.6 | 2026-01-14 10:14:57 | Deep Dive |
| CVE-2026-0529 | Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers | Elastic | Packetbeat | Medium | 6.5 | 2026-01-14 10:09:02 | Deep Dive |
| CVE-2026-0543 | Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation | Elastic | Kibana | Medium | 6.5 | 2026-01-13 21:10:39 | Deep Dive |
| CVE-2026-0531 | Allocation of Resources Without Limits or Throttling in Kibana Fleet | Elastic | Kibana | Medium | 6.5 | 2026-01-13 21:05:52 | Deep Dive |