CVE-2026-56151 in Kibanainfo

Summary

by MITRE • 07/01/2026

Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality unavailable.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsible

Elastic

Reservation

06/19/2026

Disclosure

07/01/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!