Elastic Beats

3 CVEs affecting Elastic Beats. Latest disclosed: 2025-07-30. Critical: 0, High: 1.

Top CVEs affecting Elastic Beats
CVESeverityScorePublishedSummary
CVE-2025-25011High7.02025-07-30An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises fro…
CVE-2023-49922Medium6.82023-12-12An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to…
CVE-2023-31421Medium5.92023-10-26It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid fo…