CVE-2026-4498
Apr 8, 2026
Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). ...
Read Advisory
Elastic Kibana Vulnerabilities
1 advisories affecting Elastic Kibana
1
Total CVEs
0
Critical
1
High