Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Elastic — Vulnerabilities & Security Advisories 222

Browse all 222 CVE security advisories affecting Elastic. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Elastic:KibanaElasticsearchLogstashPacketbeatElastic X-Pack SecurityElastic Cloud EnterpriseAPM ServerElastic AgentX-Pack SecurityBeatsElastic Cloud Enterprise (ECE)Elastic Enterprise SearchElastic DefendMetricbeatFleet ServerFilebeatElastic Endpoint SecurityElastic Cloud on KubernetesElastic App SearchElasticsearch X-Pack Machine LearningElasticsearch X-Pack SecurityElastic Agent and Elastic DefendKibana X-Pack SecurityElastic X-Pack ReportingElastic Network Drive ConnectorElastic X-Pack AlertingEnterprise SearchElasticsearch-HadoopElastic Sharepoint Online Python ConnectorElastic APM Java Agent
CVE IDTitleCVSSSeverityPaused
CVE-2024-52974 Elastic Kibana 资源管理错误漏洞 — KibanaCWE-400 6.5 Medium2025-04-08
CVE-2024-52980 Elasticsearch Uncontrolled Resource Consumption vulnerability — ElasticsearchCWE-400 6.5 Medium2025-04-08
CVE-2025-25015 Kibana arbitrary code execution via prototype pollution — KibanaCWE-1321 9.9 Critical2025-03-05
CVE-2024-43708 Elastic Kibana 安全漏洞 — KibanaCWE-770 6.5 Medium2025-01-23
CVE-2024-52975 Fleet Server sensitive information exposure via logs — Fleet ServerCWE-200 9.0 Critical2025-01-23
CVE-2024-52972 Kibana allocation of resources without limits or throttling leads to crash — KibanaCWE-770 6.5 Medium2025-01-23
CVE-2024-43707 Kibana exposure of sensitive information to an unauthorized actor — KibanaCWE-200 7.7 High2025-01-23
CVE-2024-43710 Kibana server-side request forgery — KibanaCWE-918 4.3 Medium2025-01-23
CVE-2024-52973 Kibana allocation of resources without limits or throttling leads to crash — KibanaCWE-770 6.5 Medium2025-01-21
CVE-2024-43709 Elasticsearch allocation of resources without limits or throttling leads to crash — ElasticsearchCWE-770 6.5 Medium2025-01-21
CVE-2024-37284 Elastic Defend Improper Handling of Alternate Encoding Leads to Crash — Elastic DefendCWE-755 5.5 Medium2025-01-21
CVE-2024-12539 Elasticsearch Incorrect Authorization — ElasticsearchCWE-863 7.5 -2024-12-17
CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization — KibanaCWE-502 9.1 Critical2024-11-14
CVE-2024-37288 Elastic Kibana 安全漏洞 — KibanaCWE-502 9.9 Critical2024-09-09
CVE-2024-37287 Kibana arbitrary code execution via prototype pollution — KibanaCWE-94 9.1 Critical2024-08-13
CVE-2024-37283 Elastic Agent Insertion of Sensitive Information into Log File — Elastic AgentCWE-532 7.5AIHighAI2024-08-08
CVE-2024-37286 APM Server Insertion of Sensitive Information into Log File — APM ServerCWE-532 5.7 Medium2024-08-03
CVE-2024-23444 Elasticsearch elasticsearch-certutil csr fails to encrypt private key — ElasticsearchCWE-311 4.9 Medium2024-07-31
CVE-2024-37281 Kibana Denial of Service issue — KibanaCWE-400 6.5 Medium2024-07-30
CVE-2023-49921 Elasticsearch 安全漏洞 — ElasticsearchCWE-532 5.2 Medium2024-07-26
CVE-2024-37282 Elastic Cloud Enterprise 安全漏洞 — Elastic Cloud EnterpriseCWE-285 8.1 High2024-06-28
CVE-2024-23443 Elastic Kibana 安全漏洞 — KibanaCWE-400 4.9 Medium2024-06-19
CVE-2024-23442 Kibana open redirect issue — KibanaCWE-601 6.1 Medium2024-06-14
CVE-2024-37279 Kibana Broken Access Control issue — Kibana 4.3 Medium2024-06-13
CVE-2024-37280 Elasticsearch StackOverflow vulnerability — ElasticsearchCWE-122 4.9 Medium2024-06-13
CVE-2024-23445 Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions — Elasticsearch 6.5 Medium2024-06-12
CVE-2024-23449 Elasticsearch Uncaught Exception — ElasticsearchCWE-248 4.3 Medium2024-03-29
CVE-2024-23451 Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model — ElasticsearchCWE-863 4.4 Medium2024-03-27
CVE-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability — ElasticsearchCWE-400 4.9 Medium2024-03-27
CVE-2024-23448 APM Server Insertion of Sensitive Information into Log File — APM ServerCWE-532 5.7 Medium2024-02-07

This page lists every published CVE security advisory associated with Elastic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.