CVE-2026-4799 Open redirect vulnerability in Search Guard Kibana Plugin via manipulated requests

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL...

CVE-2026-4799 Open redirect vulnerability in Search Guard Kibana Plugin via manipulated requests

In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untrusted URL...

CVE-2026-4799

In Search Guard FLX up to version 4.0.1, a vulnerability allows open redirection via specially crafted requests to route users to an untrusted URL. This is documented across CVE listings (CVE-2026-4799). The available sources describe the issue but do not provide exploit code or detailed remediat...

CVE-2026-26940

The CVE concerns Kibana’s Timelion visualization plugin, where improper validation of a specified quantity (input) by an authenticated user can cause a Denial of Service through excessive allocation. The underlying issue is validated quantity handling leading to overwriting internal series data p...

EUVD-2019-4917

Malware in sbrugna...

EUVD-2019-4916

Malware in sbrugna...

Incorrect Authentication Leading To Impersonation

Search Guard Kibana Plugin is susceptible to incorrect authentication. It is possible for a Kibana user to impersonate as kibanaserver user by submitting incorrect credentials and by fulfilling following conditions: 1 Kibana is configured to use Single-Sign-On as authentication method, one of...

CVE-2019-13422

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login...

floragunn Search Guard Kibana Plugin Permission License and Access Control Issues Vulnerability

floragunn Search Guard is a German floragunn company for Elasticsearch and ELK open source plug-ins , it mainly provides encryption , authentication , authorization management and log auditing and other functions . A privilege permission and access control issue vulnerability exists in floragunn...

floragunn Search Guard Kibana Plugin Input Validation Error Vulnerability

floragunn Search Guard is a German floragunn company for Elasticsearch and ELK open source plug-ins , which mainly provides encryption , authentication , authorization management and log auditing and other functions . kibana is used in which a dashboard plug-ins . An input validation error...

CVE-2019-13422

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login...

CVE-2019-13422

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login...

CVE-2019-13423

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...

Authentication flaw

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...

Code injection

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login...

CVE-2019-13422

Affected software: floragunn Search Guard Kibana Plugin; versions before 5.6.8-7 and before 6.x.y-12 have an input-validation error that can redirect a logged-in Kibana user to a potentially malicious site. Root cause per CNVD: input validation error. Impact: user redirection upon Kibana login. M...

CVE-2019-13423

Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...