Unrated severityNVD Advisory· Published Feb 26, 2026· Updated Feb 26, 2026
Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service
CVE-2026-26934
Description
Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted, malformed payload causing excessive resource consumption and resulting in Kibana becoming unresponsive or crashing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versions
>= 8.18.0, < 8.19.12+ 1 more
- (no CPE)range: >= 8.18.0, < 8.19.12
- (no CPE)range: >= 8.18.0, < 8.19.12
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.