Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.12 views

CVE-2026-33458

Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32429

Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...

7.7CVSS5.9AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/08 6:34 p.m.1 views

EUVD-2026-20519

Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...

6.3CVSS6AI score0.00226EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 6:26 p.m.5 views

CVE-2026-33458

Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...

7.7CVSS0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 4:47 p.m.13 views

CVE-2026-33458

Summary : CVE-2026-33458 describes a Server-Side Request Forgery (SSRF) in Kibana One Workflow that can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially expos...

7.7CVSS6AI score0.00226EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.9 views

PT-2026-31344

Name of the Vulnerable Software and Affected Versions Kibana versions affected versions not specified Description Kibana One Workflow contains a Server-Side Request Forgery CWE-918 issue that can lead to information disclosure. An authenticated user with workflow creation and execution privileges...

7.7CVSS5.9AI score0.00226EPSS
Exploits0References5
Rows per page
Query Builder