Title: Multiple vulnerabilities in Graylog Posted date: 17/02/2026 Identifier: INCIBE-2026-118 Severity: Importance 5 - Critical Affected Resources: Graylog Web Interface version 2.2.3. Vulnerabilities: - CVE-2026-1435: - CVSS v4.0 base score: 9.1 - CVSS vector: CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N - CWE type: CWE-613 - CVE-2026-1436: - CVSS v4.0 base score: 7.0 - CVSS vector: CVSS AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N - CWE type: CWE-284 - CVE-2026-1437 to CVE-2026-1441: - CVSS v4.0 base score: 6.1 - CVSS vector: CVSS AV:N/AC:L/AT:N/PR:N/UI:R/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N - CWE type: CWE-79 Solution: Update the software to the latest version. CVE List: