Multiple Elastic Vulnerabilities Could Lead to File Theft and DoS

Source: gbhackers.com (archived Mar 17, 2026, full text saved)
By Divya, January 14, 2026. Categories: CVE/vulnerability, Cyber Security News, Vulnerability. 1 min. read.

Elastic has released urgent security patches addressing four significant vulnerabilities in Kibana that could enable attackers to steal sensitive files, trigger service outages, and exhaust system resources. The advisories, published on January 14, 2026, affect multiple Kibana versions spanning from 7.x through 9.2.3.

Critical File Disclosure and SSRF Vulnerability

The most severe flaw, CVE-2026-0532, has a CVSS score of 8.6 and combines external control of a file path (CWE-73) with server-side request forgery (CWE-918). The vulnerability resides in Kibana's Google Gemini connector and allows authenticated attackers with connector management privileges to craft malicious JSON payloads that can steal credentials.

| CVE ID | CVSS Score | Severity | Vulnerability Type |
|---|---|---|---|
| CVE-2026-0532 | 8.6 | High | SSRF & File Disclosure (CWE-918, CWE-73) |
| CVE-2026-0543 | 6.5 | Medium | Improper Input Validation (CWE-20) |
| CVE-2026-0531 | 6.5 | Medium | Uncontrolled Resource Allocation (CWE-770) |
| CVE-2026-0530 | 6.5 | Medium | Uncontrolled Resource Allocation (CWE-770) |

By exploiting the improper validation, threat actors can trigger arbitrary network requests and read sensitive files directly from affected systems, potentially exposing configuration files, credentials, and application data.

Three medium-severity vulnerabilities (CVE-2026-0530, CVE-2026-0531, and CVE-2026-0543) introduce denial-of-service conditions through resource exhaustion. CVE-2026-0530 and CVE-2026-0531 stem from uncontrolled resource allocation in Kibana Fleet, which permits low-privilege viewers to craft specially formatted bulk retrieval requests that trigger redundant database operations. These operations consume memory until the server crashes.

Similarly, CVE-2026-0543 affects the Email connector, where improper input validation of email address parameters results in excessive resource consumption and complete service unavailability.

Taken together, these flaws mean that organizations running unpatched Kibana installations face immediate exploitation risk. Elastic recommends urgent upgrades to version 8.19.10, 9.1.10, or 9.2.4, depending on the deployment branch. For organizations unable to upgrade immediately, Elastic provides limited mitigation options, including turning off specific connector types through the xpack.actions.enabledActionTypes configuration parameter.

Notably, Elastic Cloud Serverless deployments received the patches through their continuous deployment model before public disclosure, shielding cloud-native users from exposure. Organizations should prioritize patching based on their deployment architecture and exposure level, with particular attention to systems reachable from untrusted networks or shared multi-tenant environments where authenticated users may execute connector operations.

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
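The two defender actions the article names are a version check against the fixed releases and restricting connector types through xpack.actions.enabledActionTypes. The following script is an added example, not code from Elastic or from the article, that implements both as a triage helper: it classifies an installed Kibana version against the advisory's affected range (7.x through 9.2.3) and fixed releases (8.19.10, 9.1.10, 9.2.4), and it audits a kibana.yml fragment for connector types the advisory covers. Assumptions: the connector type IDs ".gemini" (Google Gemini) and ".email" (Email) follow Kibana's usual ".<name>" naming and are not stated in the article; the "lowest fixed release at or above the installed version" upgrade policy and the sample kibana.yml are this example's own.

```python
"""Triage helpers for the January 2026 Kibana advisory (added example).

Not Elastic's or gbhackers' code. Connector type IDs and the upgrade policy
are assumptions, marked below.
"""
from __future__ import annotations

import re
from typing import Optional

# Fixed releases named in the advisory, as (major, minor, patch).
FIXED_RELEASES = [(8, 19, 10), (9, 1, 10), (9, 2, 4)]

# Affected range stated in the article: 7.x through 9.2.3, inclusive.
AFFECTED_LOW = (7, 0, 0)
AFFECTED_HIGH = (9, 2, 3)

# Connector types covered by the advisory, keyed by Kibana action type ID.
# The IDs are an assumption based on Kibana's ".<name>" convention.
ADVISORY_CONNECTORS = {".gemini": "CVE-2026-0532", ".email": "CVE-2026-0543"}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> tuple[int, int, int]:
    """Parse 'major.minor.patch'; any trailing suffix (e.g. '-SNAPSHOT') is ignored."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"not a Kibana version string: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version is inside the affected range and below the fixed
    release of its own branch (major.minor). The branch check matters because
    8.19.10 and 9.1.10 sort below 9.2.3 numerically but are patched."""
    v = parse_version(version)
    if not (AFFECTED_LOW <= v <= AFFECTED_HIGH):
        return False
    for fixed in FIXED_RELEASES:
        if fixed[:2] == v[:2] and v >= fixed:
            return False
    return True


def recommended_upgrade(version: str) -> Optional[str]:
    """Lowest fixed release at or above the installed version (example policy;
    for 7.x and pre-8.19 installs this means a cross-branch upgrade), or None
    when the install is already patched or outside the affected range."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    for fixed in sorted(FIXED_RELEASES):
        if fixed >= v:
            return ".".join(str(n) for n in fixed)
    return None


# Matches a flow-style list on one line; block-style YAML lists are not parsed.
_ENABLED_TYPES_RE = re.compile(
    r"^\s*xpack\.actions\.enabledActionTypes\s*:\s*\[(.*?)\]\s*$", re.MULTILINE
)


def enabled_action_types(kibana_yml: str) -> list[str]:
    """Extract the connector allowlist from kibana.yml text. When the setting
    is absent Kibana allows every type, represented here as ["*"]."""
    m = _ENABLED_TYPES_RE.search(kibana_yml)
    if not m:
        return ["*"]
    return [t.strip().strip("'\"") for t in m.group(1).split(",") if t.strip()]


def exposed_connectors(kibana_yml: str) -> dict[str, str]:
    """Advisory connector types that the allowlist still enables, mapped to CVE."""
    enabled = enabled_action_types(kibana_yml)
    if "*" in enabled:
        return dict(ADVISORY_CONNECTORS)
    return {t: cve for t, cve in ADVISORY_CONNECTORS.items() if t in enabled}


def hardened_allowlist(types_in_use: list[str]) -> list[str]:
    """Explicit allowlist of the types in use minus the advisory's connectors.
    The wildcard is never emitted: "*" cannot subtract individual types, so a
    deployment on the default must enumerate what it actually uses."""
    return sorted({t for t in types_in_use if t != "*" and t not in ADVISORY_CONNECTORS})


def render_setting(allowlist: list[str]) -> str:
    """Render the kibana.yml line for an allowlist."""
    return "xpack.actions.enabledActionTypes: [" + ", ".join(f'"{t}"' for t in allowlist) + "]"


# Constructed sample kibana.yml fragment (not taken from any real deployment).
SAMPLE_KIBANA_YML = """\
server.host: "0.0.0.0"
xpack.actions.enabledActionTypes: [".slack", ".webhook", ".gemini"]
"""

if __name__ == "__main__":
    for ver in ("7.17.0", "8.18.3", "8.19.10", "9.2.3", "9.2.4"):
        state = "affected" if is_affected(ver) else "not affected"
        print(f"{ver}: {state}, upgrade to {recommended_upgrade(ver)}")
    print("still exposed:", exposed_connectors(SAMPLE_KIBANA_YML))
    print(render_setting(hardened_allowlist(enabled_action_types(SAMPLE_KIBANA_YML))))
```

On the sample fragment the audit reports ".gemini" as still enabled and proposes `xpack.actions.enabledActionTypes: [".slack", ".webhook"]`. A deployment on the wildcard default is reported as exposed to both connector CVEs, because an allowlist that reads "*" cannot exclude a single type; the operator has to enumerate the connector types actually in use before applying the mitigation, and the upgrade remains the real fix.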