On 5 March 2025, Elastic released a security update addressing a critical vulnerability in Kibana, identified as CVE-2025-25012 with a CVSS score of 9.9.
This flaw could allow an attacker to execute arbitrary code on the server. It is strongly recommended to update vulnerable Kibana instances.