Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution

Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution. "Prototype pollution in Kibana leads to

Posted from: Click here for the full article.

留言

此網誌的熱門文章

What Is Attack Surface Management?

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables