CVE-2025-68388
published 2025-12-18


Priority: P4 (32)
Severity: medium, 5.3 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS: 0.31% (22.5th percentile)

Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat.

Affected

10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | packetbeat | 8.6.0 – 8.19.8 | |
| elastic | packetbeat | 9.0.0 – 9.1.8 | |
| elastic | packetbeat | 9.2.0 – 9.2.2 | |
| elasticsearch | packetbeat | >= 8.6.0 < 8.19.9 | 8.19.9 |
| elasticsearch | packetbeat | >= 9.0.0 < 9.1.9 | 9.1.9 |
| elasticsearch | packetbeat | >= 9.2.0 < 9.2.3 | 9.2.3 |
| github.com | elastic_beats | >= 8.6.0 < 8.19.9 | 8.19.9 |
| github.com | elastic_beats | >= 9.0.0 < 9.1.9 | 9.1.9 |
| github.com | elastic_beats | >= 9.2.0 < 9.2.3 | 9.2.3 |
| github.com | elastic_beats_v7 | >= 0 < 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e | 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e |