Elastic has released a critical security update to address a vulnerability in Kibana, a widely used data visualization and analysis tool for Elasticsearch. This Kibana vulnerability, identified as CVE-2025-25012, could allow attackers to execute arbitrary code on affected systems, posing a severe threat to organizations using Kibana. The vulnerability, categorized under the CVSS scoring system with a dangerous rating of 9.9 out of 10, is described as a form of prototype pollution.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/kibana-vulnerability-cve-2025-25012/
