Denial of Service Vulnerability in Kibana by Elastic
CVE-2026-49087
6.5MEDIUM
What is CVE-2026-49087?
A vulnerability in Kibana allows an authenticated user to send a specially crafted bulk deletion request, resulting in excessive resource consumption. This may lead to a denial of service, causing Kibana to become unavailable. This flaw is categorized as an allocation of resources without limits or throttling, allowing for the potential disruption of service to legitimate users.
Affected Version(s)
Kibana 9.0.0 <= 9.3.3
Kibana 8.0.0 <= 8.19.14