Shodan
Vulnerabilities
Vulnerable Software
Elastic:  >> Kibana  >> 9.1.0  Security Vulnerabilities
CVE-2025-37734
Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-12
CVE-2025-25018
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
CVSS Score
8.7
EPSS Score
0.001
Published
2025-10-10
CVE-2025-25017
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-10
CVE-2025-25009
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload.
CVSS Score
8.7
EPSS Score
0.001
Published
2025-10-07
CVE-2025-25010
Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved