Elasticsearch x-pack security

This hub aggregates every CVE we track for Elasticsearch x-pack security, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Databases

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 1 most recently published vulnerabilities affecting Elasticsearch x-pack security.

CVE-2017-8442Elasticsearch X-Pack Security versions 5.0.0 to 5.4.3, when enabled, can result in the Elasticsearch _nodes API leaking sensitive configuration information, such as the paths and passphrases of SSL...6.5Jul 7, 2017

Product normalization is registry-driven with AI assist and human review. How it works