Description
Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead to Denial of Service via Input Data Manipulation (CAPEC-153)
Published: 2026-02-26
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

Improper input validation in Kibana's internal Content Connectors search endpoint enables crafted requests to exploit a flaw in data handling, resulting in denial of service for the Kibana service. Classified as CWE‑20, the flaw can cause the target system to become unresponsive or crash, disrupting service availability for users and potentially impacting integrated dashboards or monitoring tools.

Affected Systems

The vulnerability affects Elastic's Kibana product. All installations that expose the internal Content Connectors search endpoint are susceptible until patched. Versions of Kibana that include this endpoint, such as those listed in the CVE payload, are impacted.

Risk and Exploitability

The CVSS score is 6.5, indicating a moderate risk. EPSS is less than 1%, suggesting a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. The flaw can be exploited remotely by sending malicious requests to the search endpoint over HTTP(S). The CVSS vector (AV:N/AC:L/PR:L/UI:N) describes a network attack vector with low attack complexity that requires low privileges and no user interaction. Successful exploitation would result in service interruption for Kibana consumers.

Generated by OpenCVE AI on April 18, 2026 at 10:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Kibana patch that addresses the input validation flaw, such as upgrading to the most recent stable release.
  • If an upgrade cannot be performed immediately, mitigate by limiting the size and complexity of search queries to the Content Connectors endpoint, or by disabling the feature if it is not needed.
  • Implement request rate limiting or firewall rules to block excessive or malformed traffic to the endpoint.



Advisories

No advisories yet.

History

Mon, 02 Mar 2026 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:9.3.0:*:*:*:*:*:*:*

Fri, 27 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Feb 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Elastic
Elastic kibana
Vendors & Products Elastic
Elastic kibana

Thu, 26 Feb 2026 17:30:00 +0000

Type Values Removed Values Added
Description Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead to Denial of Service via Input Data Manipulation (CAPEC-153)
Title Improper Input Validation in Kibana Leading to Denial of Service
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: elastic

Published:

Updated: 2026-02-26T18:28:11.607Z

Reserved: 2026-02-16T16:42:05.773Z

Link: CVE-2026-26935

Vulnrichment

Updated: 2026-02-26T17:53:29.853Z

NVD

Status: Analyzed

Published: 2026-02-26T18:23:07.817

Modified: 2026-03-02T15:58:14.673

Link: CVE-2026-26935

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T10:30:35Z

Weaknesses