Vulnerabilities in Elastic
233 resultsCVE-2024-12556HIGHKibana Prototype Pollution can lead to code injectionEPSS 0.4%CVE-2024-43707HIGHKibana exposure of sensitive information to an unauthorized actorEPSS 0.4%CVE-2024-12539MEDIUMElasticsearch Incorrect AuthorizationEPSS 0.4%CVE-2025-25012MEDIUMKibana Open RedirectEPSS 0.4%CVE-2025-68381MEDIUMPacketbeat Improper Bounds CheckEPSS 0.4%CVE-2024-37279MEDIUMKibana Broken Access Control issueEPSS 0.4%CVE-2026-0543MEDIUMImproper Input Validation in Kibana Email Connector Leading to Excessive AllocationEPSS 0.4%CVE-2024-43708MEDIUMAn allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of iEPSS 0.4%CVE-2024-52972MEDIUMKibana allocation of resources without limits or throttling leads to crashEPSS 0.4%CVE-2024-23447MEDIUMElastic Network Drive Connector Improper Access ControlEPSS 0.4%CVE-2023-46666MEDIUMElastic Sharepoint Online Python Connector Improper Access ControlEPSS 0.4%CVE-2023-31416MEDIUMElastic Cloud on Kubernetes (ECK) secret token configuration issueEPSS 0.4%CVE-2024-52973MEDIUMKibana allocation of resources without limits or throttling leads to crashEPSS 0.4%CVE-2023-46668MEDIUMElastic Endpoint Insertion of Sensitive Information into Log FileEPSS 0.3%CVE-2024-43706HIGHKibana Improper AuthorizationEPSS 0.3%CVE-2023-46672HIGHLogstash Insertion of Sensitive Information into Log FileEPSS 0.3%CVE-2024-23442MEDIUMKibana open redirect issueEPSS 0.3%CVE-2025-68390MEDIUMElasticsearch Allocation of Resources Without Limits or ThrottlingEPSS 0.3%CVE-2026-0528MEDIUMImproper Input Validation in Metricbeat Leading to Denial of ServiceEPSS 0.3%CVE-2026-26936MEDIUMInefficient Regular Expression Complexity in Kibana Leading to Denial of ServiceEPSS 0.3%