elasticsearch

Elasticsearch operators need to act now: a newly published vulnerability, tracked as CVE-2025-68384, lets an authenticated low-privileged user trigger uncontrolled resource allocation that can crash Elasticsearch processes (an OOM-based denial-of-service), and vendor updates resolving the issue...

Elasticsearch operators must treat a newly published vulnerability, tracked as CVE-2025-68390, as a near-term priority: the flaw permits an authenticated user with snapshot restore privileges to trigger excessive memory allocation and a denial-of-service (DoS) via a crafted HTTP request. Elastic...

Elasticsearch maintainers released a security update (ESA‑2025‑27) on December 15, 2025 that fixes CVE‑2025‑37731 — an Improper Authentication bug in Elasticsearch’s PKI realm that can allow user impersonation when specially crafted client certificates are presented and accepted by the server...

Elastic has announced the general availability of Elastic Cloud Serverless on Microsoft Azure, marking a significant milestone in the evolution of cloud-based search and analytics solutions. This development enables developers and enterprises to deploy powerful generative AI, search, security...

Is there any way to limit the maximum RAM that memory maps can use in Windows (for the whole os or a particular process (Elasticsearch)) so that we can keep a java application from being paged out due to lack of memory causing large garbage collection pauses?

Good news to all! A barrage of updates has taken place and more are planned for the future. Specifically, we are looking at updating our database platform and the web server itself. Here are the updates for May 19, 2014: PHP has been updated. Our database server has been updated with new...