Elastic

211 tracked vulnerabilities.

CVE-2026-26938 HIGH
Kibana - Code Injection
Feb 26, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-26937 MEDIUM
Kibana Timelion - DoS
Feb 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-26936 MEDIUM
Kibana AI Inference Anonymization - DoS
Feb 26, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-26935 MEDIUM
Kibana - DoS
Feb 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-26934 MEDIUM
Kibana - DoS
Feb 26, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0543 MEDIUM
Elastic Kibana < 7.17.29 - Improper Input Validation
Jan 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0531 MEDIUM
Elastic Kibana < 7.17.29 - Resource Allocation Without Limits
Jan 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0530 MEDIUM
Elastic Kibana < 7.17.29 - Resource Allocation Without Limits
Jan 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0528 MEDIUM
Elastic Kibana < 7.17.29 - Improper Array Index Validation
Jan 13, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-68422 MEDIUM
Elastic Kibana < 7.17.29 - Incorrect Authorization
Dec 18, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-68390 MEDIUM
Elasticsearch < 7.17.29 - Resource Allocation Without Limits
Dec 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-68389 MEDIUM
Elastic Kibana < 7.17.29 - Resource Allocation Without Limits
Dec 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-68387 MEDIUM
Elastic Kibana < 7.17.29 - XSS
Dec 18, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-68386 MEDIUM
Elastic Kibana < 7.17.29 - Incorrect Authorization
Dec 18, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-68385 HIGH
Elastic Kibana < 7.17.29 - XSS
Dec 18, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-68388 MEDIUM
Elasticsearch Packetbeat < 8.19.9 - Resource Allocation Without Limits
Dec 18, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-68384 MEDIUM
Elasticsearch < 7.17.29 - Resource Allocation Without Limits
Dec 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-68383 MEDIUM
Elastic Filebeat < 7.17.29 - Buffer Overflow
Dec 18, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-37732 MEDIUM
Integration Package Upload - XSS
Dec 15, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-37731 MEDIUM
Elasticsearch - Auth Bypass
Dec 15, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-37734 MEDIUM
Kibana - SSRF
Nov 12, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-37736 HIGH
Elastic Cloud Enterprise - Privilege Escalation
Nov 07, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-37729 CRITICAL
Elastic Cloud Enterprise - Info Disclosure
Oct 13, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-37727 MEDIUM
Elasticsearch - Info Disclosure
Oct 10, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-25018 HIGH
Kibana - XSS
Oct 10, 2025
CVSS 8.7
EPSS 0.00
Products
kibana 96 elasticsearch 46 logstash 12 x-pack 9 elastic_cloud_enterprise 9 enterprise_search 5 elastic_agent 5 endpoint_security 5 beats 5 apm_agent 3 apm_server 3 elastic_beats 2 elastic_app_search 2 elastic_cloud_on_kubernetes 2 elasticsearch_x-pack 2 endgame 2 apm-server 2 filebeat 2 kibana_x-pack 2 logstash_x-pack 2 azure_repository 1 apm-agent-ruby 1 network_drive_connector 1 fleet_server 1 apm_.net_agent 1 kibana_reporting 1 elastic_fleet_server 1 cloud-on-k8s 1 winlogbeat 1 elastic_sharepoint_online_python_connector 1
Quick Filters
Critical CVEs With Exploits In CISA KEV