CVE-2025-35434 | CISA Thorium up to 1.1.1 Elasticsearch Service certificate validation

September 18, 2025 Yanac

A vulnerability has been found in CISA Thorium up to 1.1.1 and classified as critical. This affects an unknown function of the component Elasticsearch Service. The manipulation leads to improper certificate validation.

This vulnerability is documented as CVE-2025-35434. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More