elastic

Top products

The 15 most recently published vulnerabilities affecting elastic.

• CVE-2026-49093Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access6.3May 28, 2026
• CVE-2026-49094Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6.5May 28, 2026
• CVE-2026-49095Improper Input Validation in Kibana Fleet Leading to Privilege Escalation6.5May 28, 2026
• CVE-2026-42398Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access7.7May 28, 2026
• CVE-2026-42399Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6.5May 28, 2026
• CVE-2026-42400Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6.5May 28, 2026
• CVE-2026-42401Improper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML Injection4.1May 28, 2026
• CVE-2026-33463Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access5.3May 28, 2026
• CVE-2026-33464Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6.5May 28, 2026
• CVE-2026-33462Path Traversal in Kibana Leading to Unauthorized Deletion of User Accounts4.6May 28, 2026
• CVE-2026-33467Improper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity Bypass5.9Apr 28, 2026
• CVE-2026-33466Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write8.1Apr 8, 2026
• CVE-2026-33458Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure6.3Apr 8, 2026
• CVE-2026-33459Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6.5Apr 8, 2026
• CVE-2026-33460Incorrect Authorization in Kibana Fleet Leading to Information Disclosure4.3Apr 8, 2026