CVE-2026-56151
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
CVE-2026-56151 in Kibana is an improper input validation vulnerability (CWE-20) that allows an authenticated user to submit a specially crafted Fleet policy input, causing a denial of service (DoS) via input data manipulation (CAPEC-153). This attack renders Fleet agent, server, and policy management functionality unavailable.
Risk Assessment
The risk for the organization is that an attacker with Kibana access can disrupt Fleet operations, preventing agent and policy management, leading to outages in monitoring and infrastructure management.
Recommendation
Immediately upgrade Kibana to a version that includes the fix for Fleet policy input validation. Until the update is applied, restrict Kibana access to trusted users only.
Original NVD description (English source)
Improper Input Validation (CWE-20) in Kibana can lead to a denial of service via Input Data Manipulation (CAPEC-153). An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality unavailable.

