Kibana Archives • Daily CyberSecurity

Elastic Stack Under Fire: 7 New Flaws Expose Files & Crash Servers Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

Elastic Stack Under Fire: 7 New Flaws Expose Files & Crash Servers

Do Son January 14, 2026

Elastic has released a massive security update addressing seven distinct vulnerabilities across its ecosystem, urging administrators to...

Visualizations Weaponized: New Kibana Flaw Allows XSS Attacks via Vega Charts Kibana Vega XSS, Elastic Stack Security CVE-2024-37287 - Kibana security update

Kibana Vega XSS, Elastic Stack Security CVE-2024-37287 - Kibana security update

Visualizations Weaponized: New Kibana Flaw Allows XSS Attacks via Vega Charts

Do Son December 19, 2025

Elastic has issued important security updates for Kibana, the popular data visualization dashboard for the Elastic Stack,...

Elastic Patches Two Kibana Flaws — SSRF (CVE-2025-37734) and XSS (CVE-2025-59840) Flaws Affect Multiple Versions CVE-2024-37288 and CVE-2024-37285 Kibana XSS SSRF, Vega Vulnerability

CVE-2024-37288 and CVE-2024-37285 Kibana XSS SSRF, Vega Vulnerability

Elastic Patches Two Kibana Flaws — SSRF (CVE-2025-37734) and XSS (CVE-2025-59840) Flaws Affect Multiple Versions

Do Son November 13, 2025

Elastic has issued two security advisories addressing two vulnerabilities in Kibana, the visualization and analytics dashboard component...

Elastic Fixes Multiple High-Severity Vulnerabilities in Kibana and Elasticsearch Elastic Security Update CVE-2026-0532 Elastic Defend Arbitrary Delete, SYSTEM Privilege Escalation ECE Readonly EoP, Improper Authorization Elastic XSS, Kibana Vulnerabilities Elastic LPE, Observability Tools Vulnerabilities

Elastic Fixes Multiple High-Severity Vulnerabilities in Kibana and Elasticsearch

Do Son October 7, 2025

Elastic has issued five security advisories addressing five vulnerabilities affecting its Kibana and Elasticsearch components, including three...

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched Kibana Vulnerabilities, Code Execution

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Do Son June 25, 2025

Elastic has published a security advisory addressing two significant vulnerabilities in Kibana, the visualization and dashboarding layer...

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring! Kibana Vulnerability, Elastic Security

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring!

Do Son June 11, 2025

Elastic has disclosed a high-severity vulnerability (CVE-2024-43706) affecting its Kibana observability platform, specifically in the Synthetic Monitoring...

CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution

Do Son May 7, 2025

Elastic has issued a critical security advisory for Kibana, warning users of a vulnerability tracked as CVE-2025-25014....

Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556) CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556)

Do Son April 9, 2025

A newly disclosed vulnerability in Kibana, the popular open-source data visualization front-end for Elasticsearch, has been rated...

CVE-2025-25015 (CVSS 9.9): Critical Code Execution Vulnerability Patched in Elastic Kibana

Do Son March 5, 2025

Elastic has released a security update to address a critical vulnerability in Kibana, its popular data visualization...

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information

Do Son January 23, 2025

Kibana, the popular open-source data visualization and exploration tool, has released a security update addressing two vulnerabilities,...

Critical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution CVE-2024-37288 and CVE-2024-37285 Kibana XSS SSRF, Vega Vulnerability

Critical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution

Do Son September 8, 2024

Elastic, the company behind the popular open-source data visualization and analytics platform Kibana, has issued a critical...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Kibana

Visualizations Weaponized: New Kibana Flaw Allows XSS Attacks via Vega Charts

Elastic Patches Two Kibana Flaws — SSRF (CVE-2025-37734) and XSS (CVE-2025-59840) Flaws Affect Multiple Versions

Elastic Fixes Multiple High-Severity Vulnerabilities in Kibana and Elasticsearch

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution

Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556)

CVE-2025-25015 (CVSS 9.9): Critical Code Execution Vulnerability Patched in Elastic Kibana

CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information

Critical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution