Elastic has released security enhancements to tackle a severe security vulnerability affecting the Kibana data visualization interface for Elasticsearch, which could lead to arbitrary code execution. The weakness, identified as CVE-2025-25012, holds a CVSS score of 9.9 on a scale where 10.0 is the highest. This issue has been characterized as an instance of prototype contamination.

“Prototype contamination in Kibana causes to