Risk Scores
CVSS v3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.03%
8.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| elastic | kibana | 8.0.0, 9.0.0, 9.3.0 |
| Elastic | Packetbeat | |
| Elastic | Kibana | 8.0.0, 9.0.0, 9.3.0 |
| Elastic | Elasticsearch | |
| pytorch | pytorch | < 2.6.0 |
| Elastic | Metricbeat | |
| Elastic | Logstash |
Timeline
- Jun 9, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Nov 4, 2023 PoC Published
- Dec 8, 2023 PoC Published
- Mar 1, 2024 PoC Published
- Apr 5, 2024 PoC Published
- Jul 17, 2024 PoC Published
- Apr 18, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
References
- https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-security-update-esa-2026-18/385534 advisory
- https://discuss.elastic.co/t/kibana-8-19-13-9-2-7-9-3-2-security-update-esa-2026-20/385535 advisory
- https://discuss.elastic.co/t/logstash-8-19-10-9-1-10-9-2-4-security-update-esa-2026-06/385531 advisory
- https://discuss.elastic.co/t/packetbeat-8-19-11-9-2-5-security-update-esa-2026-11/385533 advisory
- https://discuss.elastic.co/t/metricbeat-8-19-13-9-2-5-security-update-esa-2026-09/385532 advisory
- https://discuss.elastic.co/t/kibana-8-19-12-9-2-6-9-3-1-security-update-esa-2026-19/385530 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-26939 advisory
- https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6 url
- https://lists.debian.org/debian-lts-announce/2025/12/msg00000.html url