4 matches found
Elasticsearch 7.0.x < 7.17.24 / 8.0.x < 8.15.0 DoS (ESA-2026-52)
The version of Elasticsearch installed on the remote host is 7.0 prior to 7.17.24 or 8.0 prior to 8.15.0. It is, therefore, affected by a denial of service vulnerability: - Uncontrolled resource consumption in Elasticsearch allows an authenticated user to submit a specially crafted bulk request...
EUVD-2026-41100
Uncontrolled Resource Consumption CWE-400 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk request that causes sustained high CPU consumption, which can render the affected node unable to process request...
PT-2026-54769
Name of the Vulnerable Software and Affected Versions Elasticsearch affected versions not specified Description An authenticated user can trigger a denial of service by submitting a specially crafted bulk request. This leads to uncontrolled resource consumption through excessive allocation,...
Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-04)
Allocation of Resources Without Limits or Throttling in Kibana Fleet ESA-2026-04 Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level...