12 matches found
BIT-KIBANA-2026-0531 Allocation of Resources Without Limits or Throttling in Kibana Fleet
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
BIT-ELK-2026-0531 Allocation of Resources Without Limits or Throttling in Kibana Fleet
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
Allocation of Resources Without Limits or Throttling
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the bulk retrieval endpoint. An attacker can exhaust system memory and...
CVE-2026-0531
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
CVE-2026-0531
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
EUVD-2026-2038
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
CVE-2026-0531 Allocation of Resources Without Limits or Throttling in Kibana Fleet
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
CVE-2026-0531 Allocation of Resources Without Limits or Throttling in Kibana Fleet
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
CVE-2026-0531
CVE-2026-0531 affects Kibana Fleet. Vulnerability: Allocation of Resources Without Limits or Throttling (CWE-770) enabling Excessive Allocation (CAPEC-130) via a specially crafted bulk retrieval request. Root cause: repetitive database retrievals that rapidly consume memory, leading to server cra...
Elastic Kibana Fleet 安全漏洞
Elastic Kibana Fleet is a component of Elastic Netherlands that centralizes the management and monitoring of Elastic Agent. A security vulnerability exists in Elastic Kibana Fleet that stems from an unlimited or infinite stream of resource allocations, which could lead to over-allocation via ad-h...
PT-2026-2634
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
Revive Adserver: Unrestricted setPerPage allows huge result sets / resource exhaustion / mass log retrieval
Description: The setPerPage query parameter controls pagination for the log viewer but is not validated or capped on the server. An attacker can supply an extremely large numeric value for example setPerPage=100000000000000000 and the application will attempt to honor that value when building the...