Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Home/CyberSecurity News/Elastic Patches Multiple Vulnerabilities That Enables Arbitrary File Theft and DoS Attacks
CyberSecurity News

Elastic Patches Multiple Vulnerabilities That Enables Arbitrary File Theft and DoS Attacks

Critical security updates from Elastic address four significant vulnerabilities across its stack, including a high-severity flaw that permits arbitrary file disclosure through compromised connector...

Emy Elsamnoudy
Emy Elsamnoudy
January 14, 2026 2 Min Read
42 0

Critical security updates from Elastic address four significant vulnerabilities across its stack, including a high-severity flaw that permits arbitrary file disclosure through compromised connector configurations.

The patches resolve issues affecting file handling, input validation, and resource allocation mechanisms in Kibana and related components.

The most severe vulnerability combines external file path control with server-side request forgery capabilities, allowing authenticated attackers to extract arbitrary files from affected systems.

CVE ID Vulnerability CVSS Score Severity Affected Versions
CVE-2026-0532 External Control of File Name or Path (CWE-73) + Server-Side Request Forgery (CWE-918) 8.6 High 8.15.0–8.19.9, 9.0.0–9.1.9, 9.2.0–9.2.3
CVE-2026-0543 Improper Input Validation (CWE-20) in Email Connector 6.5 Medium 7.x all, 8.0.0–8.19.9, 9.0.0–9.1.9, 9.2.0–9.2.3
CVE-2026-0531 Allocation of Resources Without Limits (CWE-770) in Fleet 6.5 Medium 7.10.0–7.17.29, 8.0.0–8.19.9, 9.0.0–9.1.9, 9.2.0–9.2.3
CVE-2026-0530 Allocation of Resources Without Limits (CWE-770) in Fleet 6.5 Medium 7.10.0–7.17.29, 8.0.0–8.19.9, 9.0.0–9.1.9, 9.2.0–9.2.3

CVE-2026-0532 stems from insufficient validation of credentials JSON payloads when processing them in the Google Gemini connector configuration.

An attacker with connector creation or modification privileges can craft malicious configurations to trigger unauthorized network requests and arbitrary file reads.

The vulnerability carries a CVSS 3.1 score of 8.6 (High). It affects Elastic versions 8.15.0 through 8.19.9, as well as all 9.x versions up to 9.2.3.

Kibana configurations allow you to turn off the connector type via the xpack setting. actions.enabledActionTypes setting as a temporary mitigation.

Elastic Cloud Serverless customers remain unaffected due to continuous deployment practices. Users should upgrade to version 8.19.10, 9.1.10, or 9.2.4.

CVE-2026-0543 demonstrates how improper input validation in Kibana’s email connector enables complete service disruption through specially crafted email address parameters.

An attacker with connector execution privileges can submit malformed email formats that trigger excessive memory allocation, causing service-wide unavailability and requiring a manual server restart.

This medium-severity flaw (CVSS 6.5) affects all 7.x versions and 8.x releases through 8.19.9, as well as 9.x versions up to 9.2.3.

Fleet Memory Exhaustion Flaws

Two additional resource-allocation vulnerabilities in Kibana Fleet enable denial-of-service attacks via bulk retrieval requests.

CVE-2026-0531 and CVE-2026-0530 exploit unlimited database actions that can be triggered by low-privilege logged-in users.

Both flaws carry identical CVSS scores of 6.5 and affect versions 7.10.0 and later, 8.x through 8.19.9, and 9.x through 9.2.3. No workarounds exist for these vulnerabilities.

Elastic recommends applying the latest security releases immediately. Organizations unable to upgrade should implement network segmentation and access controls to restrict the modification of connector privileges.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityVulnerability

Share Article

Emy Elsamnoudy

Emy Elsamnoudy

Emy is a cybersecurity analyst and reporter specializing in threat hunting, defense strategies, and industry trends. With expertise in proactive security measures, Emily covers the tools and techniques organizations use to detect and prevent cyber attacks. She is a regular speaker at security conferences and has contributed to industry reports on threat intelligence and security operations. Emily's reporting focuses on helping organizations improve their security posture through practical, actionable insights.

Previous Post

Spring CLI Tool Vulnerability Enables Command Execution on the Users Machine

Next Post

Researchers Proposed Game-Theoretic AI for Guiding Attack and Defense

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Critical Adobe ColdFusion Vulnerabilities Let Attackers Run Code
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us