Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Feb 26, 2026
Kibana Prototype Pollution can lead to code injection
CVE-2024-12556
Description
Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined with path traversal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versions
>= 8.16.1, < 8.17.1+ 1 more
- (no CPE)range: >= 8.16.1, < 8.17.1
- (no CPE)range: >= 8.16.1, < 8.17.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.