Known vulnerabilities in Elastic Stack Kibana

Vendor: Elastic Stack
Website: https://www.elastic.co/
Total Security Bulletins: 55

Security bulletins (55)

Secuity bulletin Severity Status Published
SB2025121929: Multiple vulnerabilities in Kibana Medium
Patched
19.12.2025
SB2025121525: Multiple vulnerabilities in Kibana Low
Patched
15.12.2025
SB2025111256: Multiple vulnerabilities in Kibana Medium
Patched
12.11.2025
SB2025100655: Multiple vulnerabilities in Kibana Medium
Patched
06.10.2025
SB2025100654: Reflected XSS in Kibana Low
Patched
06.10.2025
SB2025083006: Incorrect authorization in Elastic Kibana Medium
Patched
30.08.2025
SB2025062470: Kibana update for Google Chromium High
Patched Public exploit
24.06.2025
SB2025062469: Open redirect in Kibana Low
Patched
24.06.2025
SB2025061075: Improper authorization in Kibana Medium
Patched
10.06.2025
SB2025050668: Authenticated code execution via prototype pollution in Kibana Low
Patched Public exploit
06.05.2025
SB2025050131: Stored XSS in Kibana Low
Patched
01.05.2025
SB2025050125: Arbitrary file upload in Elastic Kibana Medium
Patched
01.05.2025
SB2025040884: Authenticated code execution via prototype pollution in Kibana Medium
Patched
08.04.2025
SB2025040883: Denial of service in Elastic Kibana Medium
Patched
08.04.2025
SB2025030544: Authenticated code execution via prototype pollution in Kibana Medium
Patched
05.03.2025
SB2025012329: Multiple vulnerabilities in Elastic Kibana Medium
Patched
23.01.2025
SB2025012116: Denial of service in Elastic Kibana Medium
Patched
21.01.2025
SB2024090615: Multiple remote code execution vulnerabilities in Elastic Kibana High
Patched
06.09.2024
SB2024080624: Prototype pollution in Kibana High
Patched
06.08.2024
SB20240731195: Denial of service in Kibana Medium
Patched
31.07.2024
SB2024061404: Multiple vulnerabilities in Elastic Kibana High
Patched
14.06.2024
SB2024060638: Denial of service in Kibana Low
Patched
06.06.2024
SB2024021321: Elastic Kibana update for WebRTC Critical
Patched Exploited
13.02.2024
SB2024020745: Security restrictions bypass in Elastic Kibana Low
Patched
07.02.2024
SB2023121331: Inclusion of sensitive information in log files in Kibana Medium
Patched
13.12.2023
SB2023111517: Inclusion of sensitive information into log files in Kibana Low
Patched
15.11.2023
SB2023101170: Elastic Kibana update for libwebp Critical
Patched Exploited
11.10.2023
SB2023091975: Inclusion of sensitive information into log files in Kibana Low
Patched
19.09.2023
SB2023050253: Elastic Kibana update for vega Low
Patched
02.05.2023
SB2022042510: Information disclosure in Elastic Kibana Low
Patched
25.04.2022
SB2021052542: Multiple vulnerabilities in Kibana Medium
Patched
25.05.2021
SB2021042810: Denial of service in Kibana Medium
Patched
28.04.2021
SB2021032503: Insufficient Session Expiration in Kibana Low
Patched
25.03.2021
SB2021021103: Kibana security update for Vega JS library Medium
Patched
11.02.2021
SB2020072815: Multiple vulnerabilities in Kibana Medium
Patched
28.07.2020
SB2020060342: Code Injection in Kibana High
Patched
03.06.2020
SB2020060343: Cross-site scripting in Kibana Low
Patched
03.06.2020
SB2019121906: Cross-site scripting in Kibana Low
Patched
19.12.2019
SB2019100135: Incorrect permission assignment for critical resource in Kibana Medium
Patched
01.10.2019


Showing elements 1 - 40 out of 55