Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how elastic compares to other vendors in security performance

View Risk Score →

Elastic KibanaServer-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access

Risk 44
Severity
7.7
First published (updated )
CVE-2026-49093

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-49094

Elastic KibanaImproper Input Validation in Kibana Fleet Leading to Privilege Escalation

Risk 51
Severity
7.2
First published (updated )
CVE-2026-49095

Elastic KibanaServer-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access

Risk 44
Severity
7.7
First published (updated )
CVE-2026-42398

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-42399
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-42400

Elastic KibanaImproper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML Injection

Risk 34
Severity
5.4
First published (updated )
CVE-2026-42401

Elastic KibanaOperation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access

Risk 27
Severity
5.3
First published (updated )
CVE-2026-33463

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-33464

Elastic KibanaPath Traversal in Kibana Leading to Unauthorized Deletion of User Accounts

Risk 54
Severity
7.3
First published (updated )
CVE-2026-33462
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Elastic Logstash 9.4End of life details

First published (updated )
EOL-logstash-9.4

Elastic Elasticsearch 9.4End of life details

First published (updated )
EOL-elasticsearch-9.4

Elastic Beats 9.4End of life details

First published (updated )
EOL-beats-9.4

Elastic Kibana 9.4End of life details

First published (updated )
EOL-kibana-9.4

Elastic Elastic Package RegistryImproper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity Bypass

Risk 35
Severity
5.9
First published (updated )
CVE-2026-33467
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Elastic LogstashImproper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write

Risk 86
Severity
9.8
First published (updated )
CVE-2026-33466

Elastic Kibana One WorkflowServer-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure

Risk 44
Severity
7.7
First published (updated )
CVE-2026-33458

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-33459

Elastic KibanaIncorrect Authorization in Kibana Fleet Leading to Information Disclosure

Risk 22
Severity
4.3
First published (updated )
CVE-2026-33460

Elastic KibanaIncorrect Authorization in Kibana Fleet Leading to Information Disclosure

Risk 44
Severity
7.7
First published (updated )
CVE-2026-33461
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Elastic KibanaExecution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scope

Risk 31
Severity
7.7
EPSS
0.05%
First published (updated )
CVE-2026-4498

Elastic KibanaImproper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service

Risk 38
Severity
6.5
First published (updated )
CVE-2026-26940

Elastic KibanaMissing Authorization in Kibana Leading to Unauthorized Endpoint Response Action Configuration

Risk 38
Severity
6.5
First published (updated )
CVE-2026-26939

Elasticsearch PacketbeatImproper Validation of Array Index in Packetbeat Leading to Denial of Service

Risk 34
Severity
5.7
First published (updated )
CVE-2026-26933

Elastic MetricbeatMemory Allocation with Excessive Size Value in Metricbeat Leading to Denial of Service

Risk 34
Severity
5.7
First published (updated )
CVE-2026-26931
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Elastic KibanaImproper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)

Risk 34
Severity
8.6
EPSS
0.05%
First published (updated )
CVE-2026-26938

Elastic KibanaUncontrolled Resource Consumption in Kibana Leading to Denial of Service

Risk 31
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2026-26937

Elastic KibanaInefficient Regular Expression Complexity in Kibana Leading to Denial of Service

Risk 31
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2026-26936

Elastic KibanaImproper Input Validation in Kibana Leading to Denial of Service

Risk 31
Severity
7.5
EPSS
0.07%
First published (updated )
CVE-2026-26935

Elastic KibanaImproper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service

Risk 27
Severity
6.5
EPSS
0.05%
First published (updated )
CVE-2026-26934
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203