
Elastic Kibana vulnerabilities

117 known vulnerabilities affecting elastic/kibana.

Total CVEs: 117
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: Critical 7, High 25, Medium 83, Low 2

Vulnerabilities

Page 1 of 6
CVE-2019-7609 | P1 | CRITICAL | CVSS 10.0 | KEV, PoC | Affected: fixed in 5.6.15; ≥ 6.0.0, < 6.6.1 (+1 more) | 2019-03-25
CWE-94: Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
Source: NVD
CVE-2018-17246 | P1 | CRITICAL | CVSS 9.8 | Exploited, PoC | Affected: ≥ 5.0.0, < 5.6.13; ≥ 6.0.0, < 6.4.3 (+1 more) | 2018-12-20
CWE-73: Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
Source: NVD
CVE-2020-7012 | P2 | HIGH | CVSS 8.8 | PoC | Affected: ≥ 6.7.0, ≤ 6.8.8; ≥ 7.0.0, ≤ 7.6.2 (+1 more) | 2020-06-03
CWE-94: Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. An authenticated attacker with privileges to write to the Kibana index could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.
Source: NVD
CVE-2025-25014 | P2 | CRITICAL | CVSS 9.8 | Affected: ≥ 8.3.0, < 8.17.6; 8.18.0 (+3 more) | 2025-05-06
CWE-1321: A prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.
Source: NVD
CVE-2025-25015 | P2 | CRITICAL | CVSS 9.9 | Affected: ≥ 8.15.0, < 8.16.6; ≥ 8.17.0, < 8.17.3 | 2025-03-05
CWE-1321: Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions >= 8.15.0 and < 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2, this is only exploitable by users that have roles that contain all the following priv
Source: NVD
CVE-2026-0532 | P2 | HIGH | CVSS 8.6 | Affected: ≥ 8.15.0, ≤ 8.19.9; ≥ 9.0.0, ≤ 9.1.9 (+1 more) | 2026-01-14
CWE-918: External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticated access with privileges sufficient to create or modif
Source: NVD
CVE-2019-7610 | P3 | CRITICAL | CVSS 9.0 | Affected: fixed in 5.6.15; ≥ 6.0.0, < 6.6.1 (+1 more) | 2019-03-25
CWE-94: Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
Source: NVD
CVE-2023-31414 | P3 | HIGH | CVSS 8.8 | Affected: ≥ 8.0.0, ≤ 8.7.0 (versions 8.0.0 through 8.7.0) | 2023-05-04
CWE-94: Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.
Source: NVD
CVE-2024-37288 | P3 | HIGH | CVSS 8.8 | Affected: 8.15.0 | 2024-09-09
CWE-502: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security's built-in AI tools https://www.elastic.co/guide/en/security/current/ai-for-security.html and have configured an Amazon Bedrock connector https://www.
Source: NVD
CVE-2024-12556 | P3 | CRITICAL | CVSS 9.8 | Affected: ≥ 8.16.1, < 8.16.4; ≥ 8.17.0, < 8.17.2 (+1 more) | 2025-04-08
CWE-1321: Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined with path traversal.
Source: NVD
CVE-2023-31415 | P3 | HIGH | CVSS 8.8 | Affected: 8.7.0 | 2023-05-04
CWE-94: Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.
Source: NVD
CVE-2024-43706 | P3 | HIGH | CVSS 8.8 | Affected: ≤ 8.12.0; ≥ 8.12.0, < 8.12.1 | 2025-06-10
CWE-285: Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint.
Source: NVD
CVE-2018-17245 | P3 | CRITICAL | CVSS 9.8 | Affected: ≥ 4.0.0, ≤ 4.6.0; ≥ 5.0.0, ≤ 5.6.12 (+2 more) | 2018-12-20
CWE-201: Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. If a report requests external resources, plaintext credentials are included in the HTTP request that could be recovered by an external resource provider.
Source: NVD
CVE-2026-26938 | P3 | HIGH | CVSS 7.7 | Affected: 9.3.0 | 2026-02-26
CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an authenticated user who has the workflowsManagement:execu
Source: NVD
CVE-2021-22142 | P3 | HIGH | CVSS 8.8 | Affected: ≥ 7.0.0, < 7.13.0 | 2023-11-22
CWE-1104: Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protect
Source: NVD
CVE-2024-37287 | P3 | HIGH | CVSS 7.2 | Affected: ≥ 7.7.0, < 7.17.23; ≥ 8.0.0, < 8.14.2 (+1 more) | 2024-08-13
CWE-94: A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices, can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.
Source: NVD
CVE-2026-42398 | P3 | HIGH | CVSS 7.7 | Affected: ≥ 9.0.0, < 9.2.8; ≥ 9.3.0, < 9.3.2 (+2 more) | 2026-05-28
CWE-918: Server-Side Request Forgery (CWE-918) in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations that the egress restriction controls were intended to block.
Source: NVD
CVE-2026-4498 | P3 | HIGH | CVSS 7.7 | Affected: ≥ 8.0.0, < 8.19.14; ≥ 9.0.0, < 9.2.8 (+2 more) | 2026-04-08
CWE-250: Execution with Unnecessary Privileges (CWE-250) in Kibana's Fleet plugin debug route handlers can lead to reading index data beyond the user's direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges (such as agents, agent policies, and settings management).
Source: NVD
CVE-2026-49093 | P3 | HIGH | CVSS 7.7 | Affected: ≥ 9.3.0, < 9.3.3; ≥ 9.3.0, ≤ 9.3.2 | 2026-05-28
CWE-918: Server-Side Request Forgery (CWE-918) in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block.
Source: NVD
CVE-2024-37285 | P3 | HIGH | CVSS 7.2 | Affected: ≥ 8.10.0, ≤ 8.15.0 | 2024-11-14
CWE-502: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#role
Source: NVD