Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/19 5:14 p.m.5 views

CVE-2026-26940

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.9 views

PT-2026-26325

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References4
OSV
OSV
added 2026/03/03 8:43 a.m.4 views

BIT-KIBANA-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

7.5CVSS5.9AI score0.00272EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 8:40 a.m.6 views

BIT-ELK-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

7.5CVSS5.9AI score0.00272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/27 7:45 p.m.7 views

CVE-2026-26937

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

7.5CVSS5.9AI score0.00272EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 9:31 p.m.5 views

EUVD-2026-8872

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

6.5CVSS5.3AI score0.00272EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/26 5:51 p.m.4 views

CVE-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 5:51 p.m.25 views

CVE-2026-26937 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153...

6.5CVSS0.00272EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 5:51 p.m.37 views

CVE-2026-26937

CVE-2026-26937 affects the Timelion component in Kibana . The issue is an Uncontrolled Resource Consumption (CWE-400) that can cause a Denial of Service via Input Data Manipulation (CAPEC-153) . Attack surface is network-based with no user interaction required per the CVSS data, leading to high i...

7.5CVSS5.3AI score0.00272EPSS
Exploits0References1Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/09/15 6:54 p.m.66 views

Metasploit Weekly Wrap-Up

Flask Cookies This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database connection strings. While adding this functionality, community member...

10CVSS9.8AI score0.99949EPSS
Exploits106
Elastic
Elastic
added 2020/07/27 5:9 p.m.8 views

Elastic Stack 6.8.11 and 7.8.1 security update

Kibana regular expression denial of service flaw ESA-2020-09 Kibana versions before 6.8.11 and 7.8.1 contain a denial of service DoS flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming...

6.7CVSS8.2AI score0.0122EPSS
Exploits0
Elastic
Elastic
added 2017/09/26 4:56 p.m.5 views

X-Pack Alerting and Kibana 5.6.1 security update

X-Pack alerting privileged user multiple issues An error was found in the permission model used by X-Pack alerting whereby users mapped to certain built-in roles could create a watch that results in that user gaining elevated privileges. Affected Versions: 5.0.0 to 5.6.0 Solutions and Mitigations...

8.8CVSS5.5AI score0.01071EPSS
Exploits0
Rows per page
Query Builder