Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Severe Kibana flaw allowed attackers to run arbitrary code

(Elastic)

By Divya

A newly disclosed security vulnerability in Elastic’s Kibana platform has put thousands of businesses at risk, with attackers able to execute arbitrary code on vulnerable systems.

The flaw, identified as CVE-2025-25014, carries a critical CVSS score of 9.1, underscoring the urgency for organizations to update their deployments immediately.

Elastic, the company behind Kibana, announced [ESA-2025-07] a critical prototype pollution vulnerability that allows an attacker to execute arbitrary code remotely.

Read more at GBHackers

Click to listen highlighted text!