kibana-9.3-advanced

Direct Vulnerabilities

Known vulnerabilities in the kibana-9.3-advanced package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M CVE-2026-26940	<9.3.2-r1
L CVE-2026-26939	<9.3.1-r0
M Off-by-one Error	<9.3.2-r1
L CVE-2026-3449	*
L Incorrect Authorization	<9.3.2-r1
C CVE-2026-1525	*
H Directory Traversal	*
L CVE-2026-1526	*
L CVE-2026-2581	*
M Cross-site Scripting (XSS)	<9.3.2-r1
M Directory Traversal	<9.3.2-r1
L CVE-2026-1527	*
L CVE-2026-1528	*
L CVE-2026-2229	*
M Directory Traversal	<9.3.2-r1
H CVE-2026-26938	<9.3.1-r0
L Inefficient Regular Expression Complexity	<9.3.2-r1
H CVE-2026-26935	<9.3.1-r0
L Algorithmic Complexity	<9.3.2-r1
H Buffer Overflow	*
L CVE-2026-26934	<9.3.1-r0
C Directory Traversal	<9.3.2-r1
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<9.3.1-r0
H Directory Traversal	<9.3.1-r0
L Incorrect Regular Expression	<9.3.1-r0
L Inefficient Regular Expression Complexity	<9.3.2-r1
H OS Command Injection	*
H Inefficient Regular Expression Complexity	<9.3.2-r1
L OS Command Injection	*
H CVE-2026-2391	<9.3.2-r1
L CVE-2026-2739	*
H CVE-2026-2327	<9.3.2-r1
L Improper Check for Unusual or Exceptional Conditions	<9.3.2-r1
L Race Condition	<9.3.2-r1
L GHSA-6475-r3vj-m8vf	<9.3.1-r0
M CVE-2025-13465	<9.3.1-r0
L Improper Input Validation	<9.3.1-r0
L CVE-2025-15284	<9.3.2-r1
L Server-Side Request Forgery (SSRF)	*
L OS Command Injection	*
L Directory Traversal	<9.3.1-r0
M Cross-site Scripting (XSS)	*
C Deserialization of Untrusted Data	*