CVE-2026-0528: Metricbeat affected by multiple denial of service vulnerabilities
(updated )
Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper module that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed metric data.
References
- discuss.elastic.co/t/metricbeat-8-19-10-9-1-10-9-2-4-security-update-esa-2026-01/384519
- github.com/advisories/GHSA-w2gr-585j-r428
- github.com/elastic/beats
- github.com/elastic/beats/commit/0025fbfe668936eb8fa65b838508faf3c3c04387
- github.com/elastic/beats/commit/6e42552a23cec734e7977ebd3eb7fb797ddce456
- github.com/elastic/beats/commit/c7664c91a5a68c2df782bfeffe4fb7f42ff2ad1a
- nvd.nist.gov/vuln/detail/CVE-2026-0528
Code Behaviors & Features
Detect and mitigate CVE-2026-0528 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →