Uncontrolled Resource Consumption in Elasticsearch by Elastic
CVE-2026-49090
6.5MEDIUM
What is CVE-2026-49090?
A vulnerability in Elasticsearch allows authenticated users to submit specially crafted bulk requests, leading to high CPU consumption. This uncontrolled resource consumption can result in a denial of service, making the node unable to process further requests. This issue highlights the importance of managing user input and system resources effectively to maintain service availability.
Affected Version(s)
Elasticsearch 8.0.0 <= 8.14.3
Elasticsearch 7.0.0 <= 7.17.23