Log Injection Vulnerability (CWE-117) in Kibana (Elastic)
CVE-2026-49091 Published on July 1, 2026
Improper Output Neutralization for Logs in Kibana Leading to Log Injection
Improper Output Neutralization for Logs (CWE-117) in Kibana can lead to log injection via Log Injection-Tampering-Forging (CAPEC-93). An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal that interprets control sequences, the injected content may alter the displayed log data.
Vulnerability Analysis
CVE-2026-49091 can be exploited with network access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is an Output Sanitization Vulnerability?
The software prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
CVE-2026-49091 has been classified to as an Output Sanitization vulnerability or weakness.
Products Associated with CVE-2026-49091
Want to know whenever a new CVE is published for Elastic Kibana? stack.watch will email you.
Affected Versions
Elastic Kibana:- Version 8.0.0, <= 8.11.0 is affected.
- Version 7.0.0, <= 7.17.14 is affected.