Homepage

kibana-8.18-advanced vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the kibana-8.18-advanced package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-1526

*
  • L
CVE-2026-2229

*
  • L
CVE-2026-1527

*
  • C
CVE-2026-1525

*
  • M
Off-by-one Error

*
  • L
CVE-2026-1528

*
  • M
Directory Traversal

*
  • M
Directory Traversal

*
  • L
CVE-2026-3449

*
  • L
CVE-2026-26934

*
  • H
CVE-2026-26935

*
  • H
CVE-2026-26936

*
  • H
CVE-2026-26937

*
  • L
Inefficient Regular Expression Complexity

*
  • H
Buffer Overflow

*
  • L
Algorithmic Complexity

*
  • L
CVE-2025-37728

<8.18.8-r0
  • M
CVE-2025-25017

<8.18.8-r0
  • L
Server-Side Request Forgery (SSRF)

*
  • M
CVE-2025-25009

<8.18.8-r0
  • C
Directory Traversal

*
  • M
CVE-2025-25018

<8.18.8-r0
  • L
OS Command Injection

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • L
CVE-2025-37732

*
  • M
CVE-2025-68385

*
  • M
CVE-2025-48985

*
  • L
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • L
CVE-2026-0532

*
  • L
CVE-2025-68422

*
  • H
Improper Check or Handling of Exceptional Conditions

*
  • C
Deserialization of Untrusted Data

*
  • H
Inefficient Regular Expression Complexity

*
  • H
CVE-2026-2327

*
  • H
CVE-2026-0528

*
  • L
CVE-2025-9910

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Cross-site Scripting (XSS)

*
  • L
CVE-2025-37734

*
  • M
Integer Overflow or Wraparound

*
  • L
CVE-2025-68387

*
  • L
Memory Leak

*
  • L
CVE-2026-0530

*
  • L
Use of Insufficiently Random Values

*
  • L
CVE-2025-68389

*
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • L
CVE-2026-2739

*
  • L
Server-Side Request Forgery (SSRF)

*
  • H
Directory Traversal

*
  • H
Uncontrolled Recursion

*
  • L
CVE-2025-12816

*
  • L
Inefficient Regular Expression Complexity

*
  • L
OS Command Injection

*
  • L
CVE-2025-13204

*
  • H
OS Command Injection

*
  • L
Incorrect Regular Expression

*
  • L
CVE-2026-0531

*
  • H
Improper Validation of Syntactic Correctness of Input

*
  • L
CVE-2025-68386

*
  • H
Improper Check or Handling of Exceptional Conditions

*
  • L
Arbitrary Code Injection

*
  • M
Improperly Implemented Security Check for Standard

*
  • L
Improper Check for Unusual or Exceptional Conditions

*
  • L
Improper Input Validation

*
  • L
Directory Traversal

*
  • M
Improper Handling of Unicode Encoding

*
  • M
CVE-2025-13465

*
  • M
Directory Traversal

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • L
GHSA-6475-r3vj-m8vf

*