25 matches found
BIT-KIBANA-2026-33459 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
BIT-ELK-2026-33459 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
PT-2026-32430
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
PT-2026-32406
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
CVE-2026-33459
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
Allocation of Resources Without Limits or Throttling
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the automatic import plugin. An attacker can cause backend services to...
EUVD-2026-20521
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
CVE-2026-33459
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
CVE-2026-33459 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
CVE-2026-33459
CVE-2026-33459 affects Kibana via Uncontrolled Resource Consumption (CWE-400) in the automatic import feature. An authenticated user with Fleet/Integrations privileges can submit specially crafted, very large inputs; when multiple requests run concurrently, backend services can become unstable, c...
Kibana 8.19.14, 9.2.8, 9.3.3 Security Update (ESA-2026-26)
Uncontrolled Resource Consumption in Kibana Leading to Denial of Service Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests wi...
Elastic Kibana 安全漏洞
Elastic Kibana is a data visualization dashboard software provided by the Elastic company. There is a security vulnerability in Elastic Kibana, which stems from uncontrolled resource consumption. This vulnerability could allow authenticated users with access to automatic import capabilities to...
PT-2026-31345
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent concurrently,...
Python Site-Specific Hook Persistence
This module leverages Python's startup mechanism, where some files can be automically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages directories, any lin...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-future (SUSE-SU-2025:03038-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03038-1 advisory. - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...
Security update for python-future
This update for python-future fixes the following issues: CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:03038-1 Security update for python-future
This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...
Security update for python-future
This update for python-future fixes the following issues: CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:03029-1 Security update for python-future
This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...
SUSE-SU-2025:03028-1 Security update for python-future
This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...