Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

June 25, 2025

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Elastic has published a security advisory addressing two significant vulnerabilities in Kibana, the visualization and dashboarding layer for the Elastic Stack. One vulnerability, CVE-2025-2135, is par …

Published Date:
Jun 25, 2025 (4 hours, 22 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleCVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

Next Article Lwan is an experimental, scalable, high performance HTTP server

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

Copilot AI Bug Could Leak Sensitive Data via Email Prompts

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

High-Severity Node.js Flaws Expose Windows Apps to Path Traversal (CVE-2025-27210) & HashDoS (CVE-2025-27209) Attacks

New App to Compress Video to Target File Sizes on Ubuntu

CVE-2025-48957 – AstrBot Path Traversal Vulnerability

CVE-2025-46014 – Honor PC Manager Named Pipe Privilege Escalation Vulnerability

CVE-2025-47227 – Netmake ScriptCase Authentication Bypass

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

Related Posts