Elasticsearch vs Weaviate
Side-by-side trajectory, velocity, and editorial themes.
Elastic ships a coordinated wave of Kibana CVE patches alongside steady Rally tooling work.
Elastic's recent feed is dominated by a single-day cluster of Kibana security advisories (ESA-2026-32 through 40): SSRF, denial-of-service, privilege-escalation, and stored-injection fixes spanning the 8.19, 9.2, 9.3, and 9.4 branches. The only feature-bearing release is Rally 2.13.0, the benchmarking harness.
This is security-hardening mode. A large, synchronized advisory drop points to an internal audit or coordinated-disclosure cycle rather than feature momentum. Rally aside, the product surface is being patched, not expanded.
Expect follow-on point releases (9.4.x, 8.19.x) consolidating these fixes and a return to feature changelogs once the advisory backlog clears. Watch whether more ESA numbers in this sequence surface.
Weaviate is climbing the stack from vector database to managed memory and retrieval for agents.
Weaviate is extending beyond its vector-database core into the agentic infrastructure layer. Engram, its managed memory and context service for agents, just hit GA, while recent releases added a built-in MCP server, query profiling, and multimodal and audio support. Cloud maturity is advancing in parallel with AWS Shared Cloud GA and more granular role-based access control.
The clear direction is owning agent retrieval end to end — not just storing vectors but supplying memory, MCP-native access, and the hybrid-search quality that determines RAG outcomes. Weaviate is positioning itself as default infrastructure for agent builders, with managed cloud and access controls maturing to match enterprise expectations.
Expect Engram to gain deeper integrations with coding assistants and agent frameworks, and the 1.37 preview features (MCP server, diversity search, query profiling) to move toward GA.
See more alternatives to Elasticsearch →
See more alternatives to Weaviate →