All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-56148
MEDIUMpublished 2026-07-01 17:16 UTC · 3 days ago · modified 2026-07-02 17:38 UTC
6.5
CVSS / 10
// description
Uncontrolled Recursion (CWE-674) in Elasticsearch can lead to a denial of service via Excessive Allocation (CAPEC-130). An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable.
// weaknesses (CWE)
- CWE-674