CLEANSTART-2026-EW93264 Security fixes for GHSA-4CX2-FC23-5WG6, GHSA-6XW4-3V39-52MM, GHSA-72QJ-48G4-5XGX, GHSA-MR3Q-G2MV-MR4Q, GHSA-P543-XPFM-54CP, GHSA-VC5P-V9HR-52MJ, GHSA-VQG5-3255-V292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2

Multiple security vulnerabilities affect the logstash-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

PT-2025-41308

Name of the Vulnerable Software and Affected Versions Kibana versions 8.18.8, 8.19.5, 9.0.8, and 9.1.5 Description An issue exists in Kibana where improper neutralization of input during web page generation and improper validation of specified input types can lead to stored Cross-Site Scripting...

CVE-2024-23676

In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that they do not have permission to view. This vulnerability requires user interaction from a high-privileged user to exploit...