Skip to content
Threat Feed
Subscribe

Tag

Kibana

2 briefs RSS
high advisory

Multiple Vulnerabilities in Elastic Kibana

Multiple vulnerabilities in Elastic Kibana allow for privilege escalation, remote denial of service, data breach, server-side request forgery (SSRF), and cross-site scripting (XSS).

Kibana +2 vulnerability privilege escalation denial of service data breach SSRF XSS
2r 3t 5c
medium advisory

Kibana Fleet Plugin Privilege Escalation via CVE-2026-4498

CVE-2026-4498 allows an authenticated Kibana user with Fleet sub-feature privileges to read index data beyond their direct Elasticsearch RBAC scope due to improper privilege handling in debug route handlers.

cve privilege-escalation kibana
2r 1t 1c