EUVD-2025-26116

Malicious code in bioql PyPI...

BIT-ELK-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces...

Incorrect Authorization

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Incorrect Authorization via the built-in reportinguser role, which is incorrectly grants access to all Spaces. An attacker can gai...

CVE-2025-25010

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces...

CVE-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces...

Elastic Kibana 安全漏洞

Elastic Kibana is an available data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana that stems from improper authorization of the built-in reportinguser role, which could lead to elevated privileges...

PT-2025-35100

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting user role, which incorrectly has the ability to access all Kibana Spaces. Recommendations: At th...

CVE-2017-8446

The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 had an impersonation vulnerability. A user with the reportinguser role could execute a report with the permissions of another reporting user, possibly gaining access to...