Known vulnerabilities in Elastic Stack Elasticsearch

Vendor: Elastic Stack

Website: https://www.elastic.co/

Total Security Bulletins: 34

Security bulletins (34)

Secuity bulletin	Severity	Status	Published
SB20260113101: Elasticsearch update for LZ4 Java library	Medium	Patched	13.01.2026
SB2025121916: Authenticated denial of service in Elasticsearch	Medium	Patched	19.12.2025
SB2025121524: Multiple vulnerabilities in Elasticsearch	Medium	Patched	15.12.2025
SB2025100653: Inclusion of sensitive information into log files in Elasticsearch	Medium	Patched	06.10.2025
SB2025083007: Elasticsearch update for Apache Tika	Medium	Patched Public exploit	30.08.2025
SB2025050126: Authenticated denial of service in Elasticsearch	Medium	Patched	01.05.2025
SB2025040888: Multiple vulnerabilities in Elasticsearch	Medium	Patched	08.04.2025
SB2025012117: Denial of service in Elasticsearch	Medium	Patched	21.01.2025
SB2024121809: Improper authorization in Elasticsearch	Low	Patched	18.12.2024
SB2024080141: Insecure storage of private key in Elasticsearch	Low	Patched	01.08.2024
SB2024060703: Multiple vulnerabilities in Elasticsearch	Medium	Patched	07.06.2024
SB2024060702: Information disclosure in Elasticsearch	Low	Patched	07.06.2024
SB2024060701: Denial of service in Elasticsearch	Low	Patched	07.06.2024
SB2024060639: Inclusion of sensitive information in log files in Elasticsearch	Low	Patched	06.06.2024
SB2024032832: Denial of service in Elasticsearch	Medium	Patched	28.03.2024
SB2023112219: Denial of service in Elasticsearch	Medium	Patched	22.11.2023
SB2023092233: Remote denial of service in Elasticsearch and Elastic Cloud Enterprise	Medium	Patched	22.09.2023
SB2023091904: Denial of service in Elasticsearch	Medium	Patched Public exploit	19.09.2023
SB2023091162: Inclusion of sensitive information into log files in Elasticsearch	Low	Patched	11.09.2023
SB2023063048: Denial of service in Elasticsearch OpenID Connect	Medium	Patched	30.06.2023

Showing elements 1 - 20 out of 34