Elastic Beats
3 CVEs affecting Elastic Beats. Latest disclosed: 2025-07-30. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-25011 | High | 7.0 | 2025-07-30 | An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises fro… |
CVE-2023-49922 | Medium | 6.8 | 2023-12-12 | An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to… |
CVE-2023-31421 | Medium | 5.9 | 2023-10-26 | It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid fo… |