PublicCVE

CVE-2026-40012

MEDIUM5.3JSON exportCreate alert

Description

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;

CVSS breakdown

CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Affected products