HomeElasticCVE-2026-0530

CVE-2026-0530

MEDIUM
6.5CVSS
Published: 2026-01-13
Updated: 2026-01-22
AI Analysis

Description

Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive Allocation (CAPEC-130) via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or complete unavailability occurs.

CVSS Metrics

Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
network
Complexity
low
Privileges
low
User Action
none
Scope
unchanged
Confidentiality
none
Integrity
none
Availability
high
Weaknesses
CWE-770

Metadata

Primary Vendor
ELASTIC
Published
1/13/2026
Last Modified
1/22/2026
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

elastic : kibanaelastic : kibanaelastic : kibanaelastic : kibana

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2026-0530 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com