Elastic Security Vulnerabilities (CVEs)

This CVE describes two denial-of-service vulnerabilities in Metricbeat where specially crafted payloads sent to Graphite or Zookeeper metricsets, or m...

This vulnerability in Kibana Fleet allows attackers to send specially crafted requests that cause excessive resource allocation, leading to service de...

CVE-2026-0531 is a resource exhaustion vulnerability in Kibana Fleet where specially crafted bulk retrieval requests can cause excessive memory consum...

This CVE describes a cross-site scripting (XSS) vulnerability in Vega visualization components that allows authenticated users to inject malicious scr...

This vulnerability allows authenticated Kibana users to escalate privileges by changing document sharing settings to 'global', making documents visibl...

This CVE describes a cross-site scripting (XSS) vulnerability in Kibana's Vega AST evaluator that allows unauthenticated attackers to inject malicious...

This vulnerability allows authenticated Kibana users with low privileges to send crafted HTTP requests that cause excessive resource allocation, leadi...

This vulnerability allows authenticated Elasticsearch users with snapshot restore privileges to cause memory exhaustion and denial of service through ...

CVE-2025-68422 is an improper authorization vulnerability in Kibana that allows authenticated users to bypass permission restrictions via crafted HTTP...

This vulnerability allows attackers to trigger a buffer overflow in Filebeat's Syslog parser or Libbeat Dissect processor, causing the Filebeat proces...

This vulnerability allows authenticated Elasticsearch users with low privileges to submit oversized user settings data, causing excessive memory alloc...

CVE-2025-37731 is an improper authentication vulnerability in Elasticsearch's PKI realm that allows user impersonation via specially crafted client ce...

This CVE describes a cross-site scripting (XSS) vulnerability in Kibana's integration package upload functionality that allows authenticated users to ...

An origin validation error in Kibana's Observability AI Assistant allows attackers to perform Server-Side Request Forgery (SSRF) by forging the Origin...

This CVE describes an improper authorization vulnerability in Elastic Cloud Enterprise where the built-in readonly user can access privileged APIs tha...

This vulnerability allows sensitive information to be exposed in Elasticsearch log files when auditing requests to the reindex API. Attackers with acc...

This vulnerability in Kibana allows attackers to inject malicious scripts into web pages through improper input neutralization, leading to stored cros...

This CVE describes a cross-site scripting (XSS) vulnerability in Kibana where improper input sanitization during web page generation allows attackers ...

This CVE describes an incorrect authorization vulnerability in Kibana where the built-in reporting_user role has excessive permissions, allowing it to...

This CVE describes an improper authorization vulnerability in Kibana's Synthetic monitor endpoint that allows authenticated users to perform unauthori...

This vulnerability allows local attackers with the ability to modify osqueryd configurations to execute arbitrary code via parameter injection in Elas...

This vulnerability allows attackers to upload malicious HTML/JavaScript files through Kibana's Synthetics app, leading to cross-site scripting (XSS) a...

This vulnerability allows attackers to exploit prototype pollution in Kibana to achieve code injection by combining unrestricted file upload with path...

This vulnerability allows authenticated users with read access to Kibana to send specially crafted payloads that cause resource exhaustion, leading to...

This CVE describes an information disclosure vulnerability in Kibana where users without Fleet privileges can view Elastic Agent policies that may con...

A server-side request forgery (SSRF) vulnerability in Kibana's Fleet API allows authenticated users with read access to send requests to internal HTTP...

This vulnerability in Elasticsearch allows attackers to cause a denial of service by sending specially crafted SQL queries that trigger excessive memo...

This CVE allows sensitive Elasticsearch document contents to be exposed in application logs when Watcher search input is configured with DEBUG logging...

This vulnerability allows API keys with specific privileges to create new API keys with elevated privileges, leading to privilege escalation. It affec...

This vulnerability allows high-privileged Kibana users with osquery pack creation permissions to upload malicious packs that could cause Kibana availa...

This CVE describes an open redirect vulnerability in Kibana where attackers can craft malicious URLs that redirect users to arbitrary external website...

This vulnerability allows view-only users in Kibana to abuse the run_soon API to trigger continuous execution of alerting rules. This could lead to re...

This vulnerability in Kibana logs sensitive credentials like kibana_system user passwords, API keys, and end-user credentials when specific errors occ...

This vulnerability allows a local user to escalate privileges by attaching a malicious plugin to an application running the Elastic APM Java agent. At...

CVE-2023-46672 is a Logstash vulnerability where sensitive information from the keystore can be exposed in JSON-formatted logs when referenced as vari...

CVE-2023-31418 is a denial-of-service vulnerability in Elasticsearch's HTTP layer where unauthenticated attackers can cause nodes to crash with OutOfM...

Fleet Server versions 8.10.0 through 8.10.2 log agent enrollment tokens in plain text, allowing attackers who access logs to enroll unauthorized agent...

CVE-2023-31414 allows arbitrary code execution in Kibana when an attacker with write access to configuration files injects malicious JavaScript payloa...

CVE-2022-38777 is a privilege escalation vulnerability in Elastic Endpoint Security for Windows. Unprivileged users can exploit the rollback feature t...

This CVE describes a local privilege escalation vulnerability in Elastic Endpoint Security for Windows. Unprivileged users can exploit this flaw to ga...

CVE-2022-23712 is a Denial of Service vulnerability in Elasticsearch where an unauthenticated attacker can send a specially crafted network request to...

This vulnerability in Elastic Enterprise Search App Search allows API keys to access engines beyond their intended scope. A less privileged user could...

Elastic Cloud Enterprise versions have the Elasticsearch 'anonymous' user enabled by default, allowing attackers to query cluster details without auth...

This XXE vulnerability in Elastic App Search's web crawler beta feature allows attackers to read sensitive files on the host system. Attackers can exp...