PT-2026-33646

5/8 Action 4: Apply Critical Patches 24-Hour Priority • Okta Identity Cloud CVE-2026-51287: Critical authentication bypass actively exploited April 18–19, 2026; affects workforce and customer identity flows. Patch all tenants per CISA directive issued April 19. • Elastic Stack Elasticsearch +...

EUVD-2022-28648

Malicious code in bioql PyPI...

SUSE CVE-2025-24884

kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16...

PT-2025-5591 · Unknown +1 · Kube-Audit-Rest +1

Name of the Vulnerable Software and Affected Versions: kube-audit-rest versions prior to 1.0.16 Description: The issue concerns a simple logger of mutation/creation requests to the k8s API, where the previous values of Kubernetes secrets would have been disclosed in the audit messages if the...

kube-audit-rest 安全漏洞

kube-audit-rest is a Kubernetes audit logging by Richard Tweed Personal Developer. A security vulnerability exists in kube-audit-rest versions prior to 1.0.16, which stems from the fact that previous values of kubernetes secrets are leaked in audit messages if the full-elastic-stack example vecto...

Elastic Kibana Security Vulnerability

Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A security vulnerability exists in Elastic Kibana. An attacker could use this vulnerability to affect t...

Buildkite Elastic CI Stack for AWS Security Vulnerability

Buildkite Elastic CI Stack for AWS is an application from Buildkite that provides private, auto-scaling clusters of Buildkite Agents. A security vulnerability exists in Buildkite Elastic CI Stack for AWS versions prior to 6.7.1, and prior to 5.22.5, which stems from the introduction of a TOCTOU...

Elastic Kibana 7.17.4 - 7.17.9, 8.2.0 - 8.6.2 XSS Vulnerability (ESA-2023-06)

Kibana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...

SUSE CVE-2022-23711

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...

Elastic Stack 7.17.4 and 8.2.1 Security Update

Elastic Stack update for CVE-2022-21449 Java vulnerability in Elliptic Curve Digital Signature Algorithm ECDSA ESA-2022-06 A vulnerability CVE-2022-21449 affecting the implementation of Elliptic Curve Digital Signing Algorithm ECDSA based signatures verification in Java JDK versions 15 and later...

Information Disclosure

kibana is vulnerable to information disclosure. A remote unauthenticated attacker is able to gain access to unauthorized information via the Elastic Stack monitoring component in the kibana page source. The vulnerability only impacts the users that have set any of the optional...

CVE-2022-23711

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...

CVE-2022-23711

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...

Spoofing

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...

CVE-2022-23711

A flaw was found in Kibana that could result in an attacker exposing sensitive information related to Elastic Stack monitoring in the Kibana page source, if a user has set the optional monitoring.ui.elasticsearch. settings. This could result in a loss of confidentiality and integrity...

CVE-2022-23711

CVE-2022-23711 describes a sensitive information exposure in Kibana when Elastic Stack monitoring is configured. The vulnerability allows viewing the Monitoring data exposed in the Kibana page source without authentication, affecting users who have set any of the optional monitoring.ui.elasticsea...

CVE-2022-23711

A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch cluster. Authentication with a vulnerable Kibana instance...

Vulnerability fixed in Kibana

A vulnerability has been fixed in Kibana. A malicious party could potentially exploit the vulnerability to obtain sensitive information. The vulnerability is not in the default configuration. Only Kibana installations that explicitly use Elastic Stack monitoring are potentially vulnerable. Elasti...

Kibana 7.17.3 and 8.1.3 Security Update

Kibana Exposure of Sensitive Information ESA-2022-05 A vulnerability in Kibana could expose sensitive information related to Elastic Stack monitoring in the Kibana page source. Elastic Stack monitoring features provide a way to keep a pulse on the health and performance of your Elasticsearch...

Elastic Kibana 信息泄露漏洞

Elastic Kibana is an application from the American company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A security vulnerability exists in Elastic Kibana versions 7.8.0 through 7.17.2 and 8.0.0 through...