{"id":"CVE-2026-26938","details":"Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an authenticated user who has the workflowsManagement:executeWorkflow privilege.","aliases":["BIT-elk-2026-26938","BIT-kibana-2026-26938"],"modified":"2026-04-10T05:37:01.905053Z","published":"2026-02-26T19:32:39.903Z","references":[{"type":"ADVISORY","url":"https://discuss.elastic.co/t/kibana-9-3-1-security-update-esa-2026-17/385253"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elastic/kibana","events":[{"introduced":"0"},{"last_affected":"30ab63cc0017fe2da7a84fb9b285dd762468802d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"9.3.0"}]}}],"versions":["7.0-known-good","deploy@1693594780","deploy@1693609987","deploy@1693853982","deploy@1693860790","deploy@1693866333","deploy@1694087994","deploy@1694162455","deploy@1694506029","deploy@1694683198","deploy@1695286747","deploy@1696328885","deploy@1696415195","deploy@1696508231","deploy@1696618725","deploy@1696873111","deploy@1697028216","deploy@1697232175","deploy@1697564183","deploy@1698046713","deploy@1698657637","deploy@1699260155","deploy@1699865290","deploy@1700491293","deploy@1701160888","deploy@1701687168","deploy@1702284899","deploy@1702367069","deploy@1702879551","deploy@1702903357","deploy@1703484304","deploy@1704089101","deploy@1704693922","deploy@1705298718","deploy@1705306975","deploy@1705903520","deploy@1706508321","deploy@1707113127","deploy@1707717945","deploy@1708322739","deploy@1708927574","deploy@1709532332","deploy@1709533819","deploy@1710137117","deploy@1710146776","deploy@1710741924","deploy@1711370131","deploy@1711952105","deploy@1712566963","deploy@1713161715","deploy@1713766425","deploy@1714371303","deploy@1714976069","deploy@1715580861","deploy@1716185667","deploy@1716790412","deploy@1716800745","deploy@1717395230","deploy@1717401777","deploy@1718000036","deploy@1718616070","deploy@1719209622","deploy@1719814351","deploy@1720419201","deploy@1721023892","deploy@1721628835","deploy@1722233551","deploy@1722838314","deploy@1723443177","deploy@1724047965","deploy@1724652827","deploy@1725257503","deploy@1725862301","deploy@1726473511","deploy@1727071987","deploy@1727676838","deploy@1728281754","deploy@1728886420","deploy@1729491328","deploy@1730095989","deploy@1730700921","deploy@1731305644","deploy@1731910526","deploy@1732515196","deploy@1733120035","deploy@1733724770","deploy@1734329529","deploy@1734934371","deploy@1735539127","deploy@1736144018","deploy@1736748791","deploy@1737353792","deploy@1737958429","deploy@1738563299","deploy@1739168190","deploy@1739772912","deploy@1740377517","deploy@1740982600","deploy@1741587091","deploy@1742191921","deploy@1742796690","deploy@1743401509","deploy@1744006300","deploy@1744611164","deploy@1745272860","deploy@1745820726","deploy@1746425571","deploy@1747030444","deploy@1747635089","deploy@1748239962","deploy@1748844884","deploy@1748942782","deploy@1749449628","deploy@1750054502","deploy@1750659199","deploy@1751264043","deploy@1751277018","deploy@1751868905","deploy@1752473612","deploy@1753078461","deploy@1753683246","deploy@1754288252","deploy@1754931892","deploy@1755497723","deploy@1756102496","deploy@1756707119","deploy@1757311879","deploy@1757916930","deploy@1758521525","deploy@1759126366","deploy@1759731406","deploy@1760335957","deploy@1761545598","deploy@1762150324","deploy@1762755325","deploy@1763360043","deploy@1763964909","deploy@1764659574","deploy@1765174614","deploy@1765779173","test-depl-20231013154558","test-depl-20231025084603","v4.0.0-beta1","v4.0.0-beta1.1","v4.0.0-beta2","v4.0.0-beta3","v4.2.0-beta1","v5.0.0-alpha5","v6.0.0-alpha1","v6.0.0-alpha2","v7.0.0-alpha1","v8.0.0-alpha1","v8.0.0-alpha2","v9.3.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-26938.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}]}