All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-56151
MEDIUMpublished 2026-07-01 17:16 UTC · 3 days ago · modified 2026-07-02 16:09 UTC
6.5
CVSS / 10
// description
Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality unavailable.
// weaknesses (CWE)
- CWE-20