Vulnerabilities in Elastic
233 resultsCVE-2025-37727MEDIUMElasticsearch Insertion of sensitive information in log fileEPSS 0.2%CVE-2022-23714—A local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elastic Endpoint Security for Windows, which EPSS 0.2%CVE-2026-33462MEDIUMPath Traversal in Kibana Leading to Unauthorized Deletion of User AccountsEPSS 0.2%CVE-2024-11994MEDIUMAPM Server Insertion of Sensitive Information into Log FileEPSS 0.2%CVE-2025-25009HIGHKibana Cross-Site Scripting (XSS)EPSS 0.2%CVE-2025-25018HIGHKibana Stored Cross-Site Scripting (XSS)EPSS 0.2%CVE-2021-37941—A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an applicaEPSS 0.2%CVE-2024-23444MEDIUMElasticsearch elasticsearch-certutil csr fails to encrypt private keyEPSS 0.2%CVE-2025-68382MEDIUMPacketbeat Out-of-bounds ReadEPSS 0.2%CVE-2026-49093MEDIUMServer-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network AccessEPSS 0.2%CVE-2026-0529MEDIUMImproper Validation of Array Index in Packetbeat Leading to Overflow BuffersEPSS 0.2%CVE-2025-68422MEDIUMKibana Improper AuthorizationEPSS 0.2%CVE-2025-37734MEDIUMKibana Origin Validation ErrorEPSS 0.2%CVE-2025-68385HIGHKibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')EPSS 0.2%CVE-2023-31413MEDIUMFilebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization hEPSS 0.2%CVE-2026-26931MEDIUMMemory Allocation with Excessive Size Value in Metricbeat Leading to Denial of ServiceEPSS 0.2%CVE-2026-26939MEDIUMMissing Authorization in Kibana Leading to Unauthorized Endpoint Response Action ConfigurationEPSS 0.2%CVE-2026-33460MEDIUMIncorrect Authorization in Kibana Fleet Leading to Information DisclosureEPSS 0.2%CVE-2025-68387MEDIUMKibana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')EPSS 0.2%CVE-2025-68383MEDIUMFilebeat Improper Validation of Specified Index, Position, or Offset in InputEPSS 0.2%