CVE-2026-0528 — Improper Validation of Array Index in Metricbeat

CWE-129 — Improper Validation of Array Index6 documents5 sources

Severity

7.5HIGHNVD

CNA6.5

EPSS

0.1%

top 83.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Elastic Beats V7 Elastic Kibana Elastic Metricbeat

Timeline

PublishedJan 13

Latest updateMar 10

Description

Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper module that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed metric …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5elastic/metricbeat7.0.0 — 7.17.29+3

▶NVDelastic/kibana7.0.0 — 7.17.29+3

▶Gogithub.com/elastic_beats_v78.0.0 — 8.19.10+3

🔴Vulnerability Details

OSV

Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats↗2026-03-10

▶

OSV

Metricbeat affected by multiple denial of service vulnerabilities↗2026-01-13

▶

CVEList

Improper Input Validation in Metricbeat Leading to Denial of Service↗2026-01-13

▶

GHSA

Metricbeat affected by multiple denial of service vulnerabilities↗2026-01-13

▶

🕵️Threat Intelligence

Wiz

CVE-2026-0528 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶