{"uuid": "d459e8ad-512d-4e81-be13-c42f319dee96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/brutsecurity/909", "content": "CVE-2024-37288, -37285: RCE in Kibana, 9.9 rating \ud83d\udd25\ud83d\udd25\ud83d\udd25\n\nBy improperly deserializing YAML, attackers can perform RCE. The attack is quite complex, but Elastic still recommends updating.\n\nSearch at Netlas.io:\n\ud83d\udc49\u00a0Link: https://nt.ls/cVF9O\n\ud83d\udc49\u00a0Dork: http.favicon.hash_sha256:30db4185530d8617e9f08858787a24b219ac5102321b48515baf5da7ac43b590\n\nRead more: https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/", "creation_timestamp": "2026-07-09T03:00:12.792214Z"}