VDB
CVE-2026-26939
CVE-2026-26939
PUBLISHED
CVSS 6.5 MEDIUM
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
EPSS 0.04% · 13.0th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.04%
13.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| elastic | kibana | 9.3.0, 8.0.0, 8.0.0 |
| Elastic | Packetbeat | |
| Elastic | Kibana | 9.3.0, 8.0.0, 8.0.0 |
| Elastic | Elasticsearch | |
| pytorch | pytorch | < 2.6.0 |
| Elastic | Metricbeat | |
| Elastic | Logstash |
Exploit Intelligence
- arturo-b-cmu/cve-2016-20012 (github-poc)
- arturo-b-cmu/cve-2016-20012 (github-poc)
- arturo-b-cmu/cve-2016-20012 (github-poc)
- arturo-b-cmu/cve-2016-20012 (github-poc)
- validation de l'exploitabilité d'une CVE (github-poc)
- validation de l'exploitabilité d'une CVE (github-poc)
- validation de l'exploitabilité d'une CVE (github-poc)
- validation de l'exploitabilité d'une CVE (github-poc)
- Spring Web 5.x with `org.springframework.remoting` package removed, to fix CVE-2016-1000027. (github-poc)
- Spring Web 5.x with `org.springframework.remoting` package removed, to fix CVE-2016-1000027. (github-poc)
…and 262 more exploits
Timeline
- Jun 9, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Nov 4, 2023 PoC Published
- Dec 8, 2023 PoC Published
- Mar 1, 2024 PoC Published
- Apr 5, 2024 PoC Published
- Jul 17, 2024 PoC Published
- Apr 18, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
- Apr 21, 2025 PoC Published
References
- https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-security-update-esa-2026-18/385534 advisory
- https://discuss.elastic.co/t/kibana-8-19-13-9-2-7-9-3-2-security-update-esa-2026-20/385535 advisory
- https://discuss.elastic.co/t/logstash-8-19-10-9-1-10-9-2-4-security-update-esa-2026-06/385531 advisory
- https://discuss.elastic.co/t/packetbeat-8-19-11-9-2-5-security-update-esa-2026-11/385533 advisory
- https://discuss.elastic.co/t/metricbeat-8-19-13-9-2-5-security-update-esa-2026-09/385532 advisory
- https://discuss.elastic.co/t/kibana-8-19-12-9-2-6-9-3-1-security-update-esa-2026-19/385530 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-26939 advisory
- https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6 url
- https://lists.debian.org/debian-lts-announce/2025/12/msg00000.html url