Elastic Cloud Enterprise (ECE) 3.8.2 and 4.0.2 Security Update (ESA-2025-21)

Elastic Cloud Enterprise ECE Improper Neutralization of Special Elements Used in a Template Engine ESA-2025-21 Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise ECE can lead to a malicious actor with Admin access exfiltrating sensitive information a...

CVE-2025-23405

Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks ex log injection...