cbcvebase.
CVE-2026-0528
published 2026-01-13

CVE-2026-0528: Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.33%
24.5th percentile
Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper module that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed metric data.

Affected

12 ranges
VendorProductVersion rangeFixed in
elastickibana>= 7.0.0 < 7.17.297.17.29
elastickibana>= 8.0.0 < 8.19.108.19.10
elastickibana>= 9.0.0 < 9.1.109.1.10
elastickibana>= 9.2.0 < 9.2.49.2.4
elasticmetricbeat7.0.0 – 7.17.29
elasticmetricbeat8.0.0 – 8.19.9
elasticmetricbeat9.0.0 – 9.1.9
elasticmetricbeat9.2.0 – 9.2.3
github.comelastic_beats_v7>= 0 < 7.0.0-alpha2.0.20251217054608-6e42552a23ce7.0.0-alpha2.0.20251217054608-6e42552a23ce
github.comelastic_beats_v7>= 8.0.0 < 8.19.108.19.10
github.comelastic_beats_v7>= 9.0.0 < 9.1.109.1.10
github.comelastic_beats_v7>= 9.2.0 < 9.2.49.2.4
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.