By weakness (CWE)

CWE-672: related vulnerabilities

CVEs classified under CWE-672. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-33463MEDIUM 5.3

    Kibana contains a flaw where access tokens that should expire at a specific time continue to work indefinitely. An attacker who obtains one of these tokens—even after it should have stopped being valid—can use it to read sensitive information they shouldn't have access to. The vulnerability stems from improper validation of token expiration times, allowing the system to forget when a token was supposed to stop working.