Elastic Metricbeat vulnerabilities
2 known vulnerabilities affecting elastic/metricbeat.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-26931MEDIUMCVSS 5.7≥ 8.0.0, ≤ 8.19.122026-03-19
CVE-2026-26931 [MEDIUM] CWE-789 CVE-2026-26931: Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_write HTTP handler in
Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_write HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation (CAPEC-130).
cvelistv5nvd
CVE-2026-0528HIGHCVSS 7.5≥ 7.0.0, ≤ 7.17.29≥ 8.0.0, ≤ 8.19.9+2 more2026-01-13
CVE-2026-0528 [HIGH] CWE-129 CVE-2026-0528: Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a D
Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper mo
cvelistv5nvd