PT-2025-52366 · Elastic · Elasticsearch

Ismisepaul +1 · Published 2025-12-18 · Updated 2026-04-29 · CVE-2025-68384

CVSS v3.1

6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Elasticsearch (affected versions not specified)

Description

A flaw exists in Elasticsearch where a low-privileged authenticated user can trigger excessive resource allocation, leading to a persistent denial of service and potentially causing an out-of-memory (OOM) crash. This occurs through the submission of oversized user settings data. The issue is categorized as an allocation of resources without limits or throttling.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

BIT-ELASTICSEARCH-2025-68384
CLEANSTART-2026-QW49365
CVE-2025-68384
GHSA-QF7C-7R9H-MM92

Affected Products

Elasticsearch