Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

June 25, 2025

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Elastic has published a security advisory addressing two significant vulnerabilities in Kibana, the visualization and dashboarding layer for the Elastic Stack. One vulnerability, CVE-2025-2135, is par …

Published Date:
Jun 25, 2025 (4 hours, 22 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleCVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

Next Article Lwan is an experimental, scalable, high performance HTTP server

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-7898 – “Codcanyon iDentSoft File Upload Vulnerability”

CVE-2025-40657 – DM Corporative CMS SQL Injection Vulnerability

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

How to Build Production-Ready Full Stack Apps with the MERN Stack

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims

CVE-2025-3635 – Moodle CSRF Tour Duplicating Vulnerability

Surface Pro 11 battery life cut in half — Microsoft is “actively investigating”

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Related Posts