CVE-2026-0528
Published 2026-01-13
Priority P3 · 42 · high · 7.5 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.33% (24.5th percentile)
Improper Validation of Array Index (CWE-129) exists in Metricbeat that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper module that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed metric data.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | >= 7.0.0 < 7.17.29 | 7.17.29 |
| elastic | kibana | >= 8.0.0 < 8.19.10 | 8.19.10 |
| elastic | kibana | >= 9.0.0 < 9.1.10 | 9.1.10 |
| elastic | kibana | >= 9.2.0 < 9.2.4 | 9.2.4 |
| elastic | metricbeat | 7.0.0 – 7.17.29 | — |
| elastic | metricbeat | 8.0.0 – 8.19.9 | — |
| elastic | metricbeat | 9.0.0 – 9.1.9 | — |
| elastic | metricbeat | 9.2.0 – 9.2.3 | — |
| github.com | elastic_beats_v7 | >= 0 < 7.0.0-alpha2.0.20251217054608-6e42552a23ce | 7.0.0-alpha2.0.20251217054608-6e42552a23ce |
| github.com | elastic_beats_v7 | >= 8.0.0 < 8.19.10 | 8.19.10 |
| github.com | elastic_beats_v7 | >= 9.0.0 < 9.1.10 | 9.1.10 |
| github.com | elastic_beats_v7 | >= 9.2.0 < 9.2.4 | 9.2.4 |
OSV
Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats
osv·2026-03-10
OSV
Metricbeat affected by multiple denial of service vulnerabilities
osv·2026-01-13
CVE-2026-0528 [MEDIUM] Metricbeat affected by multiple denial of service vulnerabilities
GHSA
Metricbeat affected by multiple denial of service vulnerabilities
ghsa·2026-01-13
CVE-2026-0528 [MEDIUM] CWE-129 Metricbeat affected by multiple denial of service vulnerabilities
No detection rules found.
No public exploits indexed.
2026-01-13
Published