| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-68390 | Elasticsearch Allocation of Resources Without Limits or Throttling | Elastic | Elasticsearch | Medium | 4.9 | 2025-12-18 22:17:42 | Deep Dive |
| CVE-2025-68384 | Elasticsearch Allocation of Resources Without Limits or Throttling | Elastic | Elasticsearch | Medium | 6.5 | 2025-12-18 22:04:50 | Deep Dive |
| CVE-2025-37731 | Elasticsearch Improper Authentication | Elastic | Elasticsearch | Medium | 6.8 | 2025-12-15 10:42:22 | Deep Dive |
| CVE-2025-37727 | Elasticsearch Insertion of sensitive information in log file | Elastic | Elasticsearch | Medium | 5.7 | 2025-10-10 09:56:15 | Deep Dive |
| CVE-2024-52979 | Elasticsearch Uncontrolled Resource Consumption vulnerability | Elastic | Elasticsearch | Medium | 6.5 | 2025-05-01 13:13:07 | Deep Dive |
| CVE-2024-52981 | Elastic Elasticsearch 资源管理错误漏洞 | Elastic | Elasticsearch | Medium | 4.9 | 2025-04-08 16:54:17 | Deep Dive |
| CVE-2024-52980 | Elasticsearch Uncontrolled Resource Consumption vulnerability | Elastic | Elasticsearch | Medium | 6.5 | 2025-04-08 16:43:41 | Deep Dive |
| CVE-2024-13221 | Fantastic Elasticsearch <= 4.1.0 - Reflected XSS | Unknown | Fantastic ElasticSearch | 中危 | - | 2025-01-31 06:00:16 | Deep Dive |
| CVE-2024-43709 | Elasticsearch allocation of resources without limits or throttling leads to crash | Elastic | Elasticsearch | Medium | 6.5 | 2025-01-21 11:00:11 | Deep Dive |
| CVE-2024-12539 | Elasticsearch Incorrect Authorization | Elastic | Elasticsearch | 中危 | - | 2024-12-17 20:50:05 | Deep Dive |
| CVE-2024-23444 | Elasticsearch elasticsearch-certutil csr fails to encrypt private key | Elastic | Elasticsearch | Medium | 4.9 | 2024-07-31 17:26:13 | Deep Dive |
| CVE-2023-49921 | Elasticsearch 安全漏洞 | Elastic | Elasticsearch | Medium | 5.2 | 2024-07-26 05:10:34 | Deep Dive |
| CVE-2024-37280 | Elasticsearch StackOverflow vulnerability | Elastic | Elasticsearch | Medium | 4.9 | 2024-06-13 16:26:58 | Deep Dive |
| CVE-2024-23445 | Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions | Elastic | Elasticsearch | Medium | 6.5 | 2024-06-12 13:58:45 | Deep Dive |
| CVE-2024-23449 | Elasticsearch Uncaught Exception | Elastic | Elasticsearch | Medium | 4.3 | 2024-03-29 11:12:49 | Deep Dive |
| CVE-2024-23451 | Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model | Elastic | Elasticsearch | Medium | 4.4 | 2024-03-27 18:03:26 | Deep Dive |
| CVE-2024-23450 | Elasticsearch Uncontrolled Resource Consumption vulnerability | Elastic | Elasticsearch | Medium | 4.9 | 2024-03-27 17:03:48 | Deep Dive |
| CVE-2023-46674 | Elasticsearch-hadoop Unsafe Deserialization | Elastic | Elasticsearch-Hadoop | Medium | 6.0 | 2023-12-05 17:21:59 | Deep Dive |
| CVE-2023-46673 | Elasticsearch 安全漏洞 | Elastic | Elasticsearch | Medium | 6.5 | 2023-11-22 09:27:10 | Deep Dive |
| CVE-2021-37937 | Elasticsearch privilege escalation | Elastic | Elasticsearch | Medium | 5.9 | 2023-11-22 01:45:21 | Deep Dive |