CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

OSV•added 2026/01/16 8:42 a.m.•3 views

BIT-KIBANA-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an attacker to have authenticated access with view-level privileges sufficient to execute connector...

6.5CVSS6.8AI score0.00123EPSS

Exploits0References2

OSV•added 2026/01/16 8:39 a.m.•2 views

BIT-ELK-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

6.5CVSS6.8AI score0.00123EPSS

Exploits0References2

RedhatCVE•added 2026/01/16 8:38 a.m.•1 views

CVE-2026-0543

A flaw was found in Kibana's Email Connector. An authenticated attacker with view-level privileges can exploit this vulnerability by providing a specially crafted email address parameter. This improper input validation can lead to an excessive allocation of resources, resulting in a complete deni...

6.5CVSS5.8AI score0.00123EPSS

Exploits0References4

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Kibana 7.x / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_08)

The version of Kibana installed on the remote host is prior to 8.19.10, 9.1.10, or 9.2.4. It is, therefore, affected by a vulnerability as referenced in the ESA202608 advisory. - An improper input validation vulnerability in Kibana's Email Connector can allow an attacker to cause an excessive...

6.5CVSS5.9AI score0.00123EPSS

Exploits0References2

Snyk•added 2026/01/13 9:49 p.m.•1 views

Improper Validation of Syntactic Correctness of Input

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the email address parameter in the Email Connector. An attacker can cause...

7.1CVSS6.7AI score0.00123EPSS

Exploits0References2

NVD•added 2026/01/13 9:15 p.m.•1 views

CVE-2026-0543

6.5CVSS0.00123EPSS

Exploits0References1

OSV•added 2026/01/13 9:15 p.m.•1 views

CVE-2026-0543

6.5CVSS5.8AI score

Exploits0References1

Cvelist•added 2026/01/13 9:10 p.m.•20 views

CVE-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

6.5CVSS0.00123EPSS

Exploits0References1

CVE•added 2026/01/13 9:10 p.m.•13 views

CVE-2026-0543

CVE-2026-0543 describes an Improper Input Validation (Kibana's Email Connector) that enables an Excessive Allocation (CAPEC-130). An attacker with view-level privileges for connector actions can craft email parameters to trigger device/service disruption, causing complete unavailability until man...

6.5CVSS6.5AI score0.00123EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/01/13 9:10 p.m.•3 views

CVE-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

6.5CVSS6.5AI score0.00123EPSS

Exploits0References1

EUVD•added 2026/01/13 9:10 p.m.•3 views

EUVD-2026-2035

6.5CVSS6.3AI score0.00123EPSS

Exploits0References2

Elastic•added 2026/01/13 8:47 p.m.•8 views

Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-08)

Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation ESA-2026-08 Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an...

6.5CVSS6.9AI score0.00123EPSS

Exploits0

CNNVD•added 2026/01/13 12:0 a.m.•2 views

Elastic Kibana Email Connector 安全漏洞

Elastic Kibana Email Connector is an email service connection component from Elastic Netherlands. A security vulnerability exists in the Elastic Kibana Email Connector that stems from improper input validation, which could lead to over-assignment via specially crafted email address parameters,...

6.5CVSS5.8AI score0.00123EPSS

Exploits0References1

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2635

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description A flaw exists in Kibana's Email Connector due to improper input validation. An attacker with authenticated access and sufficient view-level privileges can trigger an excessive allocation of...

6.5CVSS6.2AI score0.00123EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-48778

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.00207EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:19 a.m.•4 views

CVE-2022-45936

A vulnerability has been identified in Mendix Email Connector All versions V2.0.0. Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read and manipulate sensitive information...

8.1CVSS6.6AI score0.00207EPSS

Exploits0References1

CNVD•added 2022/12/14 12:0 a.m.•14 views

Siemens Mendix Email Connector Module Improper Access Control Vulnerability

Siemens Mendix Email Connector Module allows email to be sent and received on its own email server and adds new features such as sending signed and encrypted emails.A security vulnerability exists in Siemens Mendix Email Connector Module due to a version of the affected module that fails to...

8.1CVSS2.3AI score0.00207EPSS

Exploits0References1

NVD•added 2022/12/13 4:15 p.m.•10 views

CVE-2022-45936

8.1CVSS0.00207EPSS

Exploits0References1

OSV•added 2022/12/13 4:15 p.m.•0 views

CVE-2022-45936

8.1CVSS5.8AI score0.00207EPSS

Exploits0References1