| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33459 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-04-08 16:46:03 | Deep Dive |
| CVE-2026-33460 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | Elastic | Kibana | Medium | 4.3 | 2026-04-08 16:43:31 | Deep Dive |
| CVE-2026-33461 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | Elastic | Kibana | High | 7.7 | 2026-04-08 16:41:27 | Deep Dive |
| CVE-2026-4498 | Execution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scope | Elastic | Kibana | High | 7.7 | 2026-04-08 16:38:59 | Deep Dive |
| CVE-2026-26940 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-03-19 17:14:32 | Deep Dive |
| CVE-2026-26939 | Missing Authorization in Kibana Leading to Unauthorized Endpoint Response Action Configuration | Elastic | Kibana | Medium | 6.5 | 2026-03-19 17:11:17 | Deep Dive |
| CVE-2026-26938 | Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF) | Elastic | Kibana | High | 8.6 | 2026-02-26 17:56:49 | Deep Dive |
| CVE-2026-26937 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:51:35 | Deep Dive |
| CVE-2026-26936 | Inefficient Regular Expression Complexity in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 4.9 | 2026-02-26 17:07:41 | Deep Dive |
| CVE-2026-26935 | Improper Input Validation in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:05:17 | Deep Dive |
| CVE-2026-26934 | Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service | Elastic | Kibana | Medium | 6.5 | 2026-02-26 17:03:17 | Deep Dive |
| CVE-2026-0532 | External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector | Elastic | Kibana | High | 8.6 | 2026-01-14 10:14:57 | Deep Dive |
| CVE-2026-0543 | Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation | Elastic | Kibana | Medium | 6.5 | 2026-01-13 21:10:39 | Deep Dive |
| CVE-2026-0531 | Allocation of Resources Without Limits or Throttling in Kibana Fleet | Elastic | Kibana | Medium | 6.5 | 2026-01-13 21:05:52 | Deep Dive |
| CVE-2026-0530 | Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation | Elastic | Kibana | Medium | 6.5 | 2026-01-13 21:03:14 | Deep Dive |
| CVE-2025-68422 | Kibana Improper Authorization | Elastic | Kibana | Medium | 4.3 | 2025-12-18 22:32:17 | Deep Dive |
| CVE-2025-68386 | Kibana Improper Authorization | Elastic | Kibana | Medium | 4.3 | 2025-12-18 22:21:09 | Deep Dive |
| CVE-2025-68389 | Kibana Allocation of Resources Without Limits or Throttling | Elastic | Kibana | Medium | 6.5 | 2025-12-18 22:14:52 | Deep Dive |
| CVE-2025-68387 | Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Elastic | Kibana | Medium | 6.1 | 2025-12-18 22:11:39 | Deep Dive |
| CVE-2025-68385 | Kibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Elastic | Kibana | High | 7.2 | 2025-12-18 22:08:38 | Deep Dive |