CVE-2026-49091
HighCVSS 8.0Exploitation Probability (EPSS)
Low risk10th percentile — higher than 10% of all known CVEs
Summary
CWE-117 vulnerability in Kibana allows injection of unsanitized data into logs. An attacker can supply specially crafted input that is written to log files without proper neutralization. When logs are viewed in a terminal that interprets control sequences, the injected content may alter the displayed log data.
Risk Assessment
The risk involves potential log manipulation, which can hide attack traces, mislead administrators, or falsify security events. This may hinder incident detection and analysis.
Recommendation
Update Kibana to a patched version. Additionally, implement output neutralization mechanisms for logs and use secure terminals for log viewing.
Original NVD description (English source)
Improper Output Neutralization for Logs (CWE-117) in Kibana can lead to log injection via Log Injection-Tampering-Forging (CAPEC-93). An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal that interprets control sequences, the injected content may alter the displayed log data.

