Known Vulnerabilities for Apm Server by Elastic
Listed below are 1 of the newest known vulnerabilities associated with "Apm Server" by "Elastic".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61459 json | MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools (kubectl_get, kubectl_des... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-61454 json | The Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 2.0.4 embeds a global JavaScript variable window.__GRAV_CONFIG__ i... | Not Provided | 2026-07-11 | 2026-07-11 |
| CVE-2026-61448 json | Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0, < 9.10.0-alpha.2 and <= 8... | Not Provided | 2026-07-11 | 2026-07-11 |
| CVE-2026-61444 json | PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file parameter is d... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-61429 json | PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that al... | Not Provided | 2026-07-11 | 2026-07-11 |
| CVE-2026-60105 json | Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an inco... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-60104 json | Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the au... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-60091 json | PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs en... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-60002 json | ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outco... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59998 json | sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the ser... | Not Provided | 2026-07-08 | 2026-07-08 |