Hi
we have installed kibana - 8.18.4 and nodejs version 20.19.2in ubuntu - 22.04 but still it vulnerable with Risk fector high below is the CVE
CVE: CVE-2025-27209, CVE-2025-27210
Can you please let us know when node version upgrade in which version?
Thanks for advanced
Hi @Ekta,
Having a dig at the CVEs, it looks like CVE-2025-27209 is specific to Node.js v24.x and CVE-2025-27210 relates to Node.js versions 20.x, 22.x, and 24.x:
The latest Kibana v8.x and v9.x look to be on 22.17.1 so I would recommend upgrading to the latest (v8.19.2 or v9.1.2). If you have any further questions feel free to reach out to security@elastic.co.
@carly.richmond can you please let us know when nodejs new version in release in 8.18.x series and also please let us know when kibana 8.19.1 is supported with 8.18.1 elasticsearch?
@carly.richmond currently nodejs version is 20.19.2 so can you please let us know when 20.19.4 version upgrade in which kibana version?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.