Lucene search
K
NessusRecent

337899 matches found

Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•6 views

Fedora 43 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-f2c746ff8e)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f2c746ff8e advisory. Update to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

5.3CVSS5.5AI score0.00327EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to...

7.8CVSS6.5AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

6.5CVSS5.5AI score0.00308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-9496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package pacote from 11.2.7 and before 21.5.1 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this...

8.7CVSS5.9AI score0.00335EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromiu...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape v...

9.6CVSS5.4AI score0.00216EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation v...

7.8CVSS5.4AI score0.0008EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute...

8.8CVSS6.1AI score0.00206EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•13 views

Fedora 44 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-dafdad8fd3)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-dafdad8fd3 advisory. Update to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

5.3CVSS5.5AI score0.00327EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data vi...

5.9CVSS5.4AI score0.00189EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

RockyLinux 10 : kernel (RLSA-2026:19569)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19569 advisory. kernel: net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 kernel: net/sched: Make cakeenqueue return NETXMITCN when past...

9.8CVSS7.2AI score0.93418EPSS
Exploits43References27
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory v...

6.5CVSS5.4AI score0.00243EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium securit...

6.5CVSS5.5AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-50592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog aka the communication log administration view. CVE-2026-50592...

6.4CVSS5.5AI score0.00148EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-10935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS5.8AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to...

5.3CVSS5.4AI score0.00233EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

4.3CVSS5.5AI score0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-10990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb...

9.6CVSS5.5AI score0.00304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS5.4AI score0.00197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML pag...

6.5CVSS5.4AI score0.00187EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file...

6.5CVSS5.4AI score0.00221EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS5.8AI score0.00493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...

8.8CVSS6.1AI score0.0028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS5.5AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-49837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - gobgp - None Ubuntu Linux - Unknown description CVE-2026-49837 Note that Nessus relies on the presence of the package as reported by the vendor...

5.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Fedora 43 : perl-HTTP-Tiny (2026-3bfb774625)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bfb774625 advisory. 0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 Tenable has extracted the preceding description block...

6.5CVSS5.5AI score0.00227EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•10 views

Node.js Module axios 0.19.x < 0.31.1 / 1.x < 1.15.2 Prototype Pollution Credential Theft (CVE-2026-44495)

The version of the axios Node.js module installed on the remote host is 0.19.x prior to 0.31.1 or 1.x prior to 1.15.2. It is, therefore, affected by the following vulnerability: - A prototype pollution gadget in the config merge and response transformation pipeline allows credential theft and...

7CVSS5.6AI score0.00227EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium securit...

6.5CVSS5.5AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Debian dla-4618 : gsasl - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4618 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4618-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS5.5AI score0.00455EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via...

6.5CVSS5.5AI score0.00193EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS5.6AI score0.00301EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process t...

6.5CVSS5.5AI score0.00262EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...

8.8CVSS6.1AI score0.00361EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

4.3CVSS5.5AI score0.0015EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•9 views

RockyLinux 10 : giflib (RLSA-2026:19154)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19154 advisory. giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-23868 Tenable has extracted the preceding description block directly from the...

5.1CVSS5.6AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/05 12:0 a.m.•18 views

Oracle E-Business Suite (May 2026 CSPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the May 2026 CSPU advisory. - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected...

9.9CVSS5.8AI score0.00418EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•7 views

Golang 1.25.x < 1.25.11 / 1.26.x < 1.26.4 Multiple Vulnerabilities

The version of Golang running on the remote host is 1.25.x prior to 1.25.11, or 1.26.x prior to 1.26.4. It is, therefore, affected by multiple vulnerabilities: - x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caus...

7.5CVSS5.9AI score0.00561EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•11 views

Photon OS 5.0: Unbound PHSA-2026-5.0-0862

An update of the unbound package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0862. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

10CVSS5.8AI score0.00888EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-10722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component...

5.5CVSS4.9AI score0.00179EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-8829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer re...

7.5CVSS5.7AI score0.00292EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•12 views

Linux Distros Unpatched Vulnerability : CVE-2026-50219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLGetBuffer, XMLParse, XMLParseBuffer, XMLParserFree, or XMLParserReset from within handle...

5.9CVSS5.9AI score0.00218EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA...

10CVSS7AI score0.23932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•10 views

RockyLinux 9 : flatpak (RLSA-2026:21755)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21755 advisory. flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on ho...

10CVSS8.2AI score0.01636EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•8 views

RockyLinux 10 : dovecot (RLSA-2026:19149)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19149 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

7.5CVSS5.8AI score0.00456EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•14 views

Fedora 44 : pie (2026-e5d5fc359d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e5d5fc359d advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

6.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2026/06/04 12:0 a.m.•9 views

Kibana 8.x < 8.19.16 / 9.0.x < 9.3.5 / 9.4.x < 9.4.1 DoS (ESA-2026-32)

The version of Kibana installed on the remote host is prior to 8.19.16, 9.3.5, or 9.4.1. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-32 advisory. - Uncontrolled Resource Consumption CWE-400 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-13...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References2
Total number of security vulnerabilities337899