CVE-2026-0532: External Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini Connector
External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticated access with privileges sufficient to create or modify connectors (Alerts & Connectors: All). The server processes a configuration without proper validation, allowing for arbitrary network requests and for arbitrary file reads.
Security readout for executives and security teams
Plain-English summary
CVE-2026-0532 affects Kibana’s Google Gemini connector. A user who can create or change connectors could supply a malicious credentials JSON configuration that makes Kibana read arbitrary files or make unintended network requests. The main business risk is exposure of sensitive server-side data from Kibana environments.
Executive priority
Treat as high priority for Kibana environments with connector administration enabled. Prioritize systems handling sensitive data or running in privileged network zones. The issue needs authenticated connector privileges, which reduces broad internet risk but can materially increase damage from compromised or over-permissioned accounts.
Technical view
The issue combines external control of file name/path with SSRF in Kibana Google Gemini connector configuration processing. The CVE description says a specially crafted credentials JSON payload can trigger arbitrary file disclosure and arbitrary network requests. Exploitation requires authenticated access with Alerts & Connectors: All privileges, despite the CVSS vector listing PR:N.
Likely exposure
Exposure is most relevant where Kibana uses or permits configuration of the Google Gemini connector and where users or service accounts have privileges to create or modify connectors. The source bundle lists Kibana 8.15.0, 9.0.0, and 9.2.0 as affected entries, with default status otherwise unaffected.
Exploitation context
No active exploitation is stated in the provided sources, and the CVE is not marked KEV. The required access is privileged connector administration. Successful abuse could disclose local files accessible to the Kibana server process or force server-side requests from Kibana’s network position.
Researcher notes
The source data has an important nuance: the narrative requires authenticated connector privileges, while the CVSS vector says PR:N. Validation should follow vendor guidance and test only for configuration exposure and patch status, not exploit behavior. Evidence provided does not confirm public exploitation or a standalone workaround.
Mitigation direction
Review Elastic advisory ESA-2026-05 and apply the referenced Kibana security update guidance.
Restrict Alerts & Connectors: All privileges to trusted administrators only.
Audit existing Google Gemini connector configurations for unexpected credentials JSON changes.
Limit Kibana server egress where operationally feasible.
Check Red Hat status if using Kibana through Red Hat-distributed components.
Validation and detection
Inventory Kibana versions and compare against Elastic’s CVE advisory.
Identify users and roles with Alerts & Connectors: All privileges.
List configured Google Gemini connectors and recent modification history.
Review Kibana logs for unusual connector configuration changes or outbound requests.
Confirm vendor-advised updated versions are deployed after remediation.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · medium confidence lookup
CWE-918: Information exposure and cloud metadata lookup
Information exposure and SSRF weaknesses can make discovery, cloud metadata, and credential material review relevant. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
The CVE wording references SSRF or metadata access, so cloud discovery and credential material review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
The CVE wording references file access or upload behavior, so file telemetry and web shell review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-918 · source CWE mapping
Server-Side Request Forgery (SSRF)
Server-Side Request Forgery (SSRF) represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.