kibana-8

Direct Vulnerabilities

Known vulnerabilities in the kibana-8 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-48801

*
  • L
CVE-2026-11525

*
  • L
CVE-2026-6733

*
  • L
CVE-2026-9679

*
  • L
CVE-2026-12151

*
  • L
GHSA-p6gq-j5cr-w38f

*
  • L
Arbitrary Code Injection

*
  • L
GHSA-r7g4-qg5f-qqm2

*
  • L
Uncontrolled Recursion

*
  • L
CVE-2026-12143

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Interpretation Conflict

*
  • L
Uncontrolled Recursion

*
  • L
Algorithmic Complexity

*
  • L
GHSA-268h-hp4c-crq3

*
  • L
GHSA-wqvq-jvpq-h66f

*
  • L
CVE-2026-48049

*
  • L
CVE-2026-48022

*
  • L
CVE-2026-48069

*
  • L
CVE-2026-48038

*
  • L
CVE-2026-48068

*
  • L
Resource Exhaustion

*
  • L
Information Exposure

*
  • H
Information Exposure

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • M
Resource Exhaustion

*
  • L
Arbitrary Code Injection

*
  • L
Server-Side Request Forgery (SSRF)

*
  • L
Unintended Proxy or Intermediary ('Confused Deputy')

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Directory Traversal

<8.19.3-r0
  • L
CVE-2026-44974

*
  • L
CVE-2026-44979

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Uncontrolled Recursion

*
  • H
Use of Uninitialized Resource

*
  • L
Arbitrary Code Injection

*
  • L
Improper Handling of Exceptional Conditions

*
  • L
OS Command Injection

*
  • L
Uncontrolled Recursion

*
  • L
Improper Input Validation

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
Deserialization of Untrusted Data

*
  • L
Improper Handling of Unicode Encoding

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Arbitrary Code Injection

*