CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

72 matches found

CVE•added 2026/02/26 4:59 p.m.•17 views

CVE-2026-26932

CVE-2026-26932 affects Elastic Packetbeat (PostgreSQL protocol parser) and can cause a Denial of Service via a Go runtime panic when the pgsql protocol is enabled and monitoring traffic on the targeted port. Affected versions include Packetbeat 8.x (up to 8.19.10) and 9.x (up to 9.2.4). The under...

7.5CVSS5.6AI score0.00454EPSS

Exploits0References1Affected Software1

Elastic•added 2026/02/26 4:51 p.m.•10 views

Packetbeat 8.19.11, 9.2.5 Security Update (ESA-2026-10)

Improper Validation of Array Index in Packetbeat Leading to Denial of Service Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go...

5.7CVSS5.5AI score0.00454EPSS

Exploits0

CNNVD•added 2026/02/26 12:0 a.m.•10 views

Elastic Packetbeat 安全漏洞

Elastic Packetbeat is a data collector developed by the Dutch company Elastic. There is a security vulnerability in Elastic Packetbeat, which stems from improper array index validation in the PostgreSQL protocol parser. This vulnerability could allow attackers to trigger a Go runtime crash by...

7.5CVSS5.8AI score0.00454EPSS

Exploits0References1

Positive Technologies•added 2026/02/26 12:0 a.m.•7 views

PT-2026-22162

Name of the Vulnerable Software and Affected Versions Packetbeat affected versions not specified Description A flaw exists in the PostgreSQL protocol parser within Packetbeat that allows for Denial of Service through manipulation of input data. Specifically, improper validation of an array index...

7.5CVSS5.7AI score0.00454EPSS

Exploits0References4

SUSE CVE•added 2026/01/27 12:28 a.m.•3 views

SUSE CVE-2025-68388

Allocation of resources without limits or throttling CWE-770 allows an unauthenticated remote attacker to cause excessive allocation CAPEC-130 of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat...

5.3CVSS5.9AI score0.00309EPSS

Exploits0References2

OSV•added 2026/01/23 2:28 a.m.•4 views

GO-2025-4253 Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments in github.com/elastic/beats

Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments in github.com/elastic/beats...

5.3CVSS5.4AI score0.00309EPSS

Exploits0References3

RedhatCVE•added 2026/01/15 10:26 a.m.•10 views

CVE-2026-0529

Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...

6.5CVSS6.9AI score0.00197EPSS

Exploits0References1

NVD•added 2026/01/14 10:16 a.m.•17 views

CVE-2026-0529

6.5CVSS0.00197EPSS

Exploits0References1

ATTACKERKB•added 2026/01/14 10:9 a.m.•4 views

CVE-2026-0529

6.5CVSS5.6AI score0.00197EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/01/14 10:9 a.m.•27 views

CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers

6.5CVSS0.00197EPSS

Exploits0References1

Vulnrichment•added 2026/01/14 10:9 a.m.•3 views

CVE-2026-0529 Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers

6.5CVSS6.5AI score0.00197EPSS

Exploits0References1

CVE•added 2026/01/14 10:9 a.m.•23 views

CVE-2026-0529

CVE-2026-0529 affects Elastic Beats Packetbeat MongoDB protocol parser. Affected software: Elastic Beats (Packetbeat) versions 7.x, 8.x before 8.19.10, and 9.x before 9.1.10 or 9.2.4. Root cause: Improper validation of array index (CWE-129) in the MongoDB protocol parser, which can permit buffer ...

6.5CVSS6.5AI score0.00197EPSS

Exploits0References1

Positive Technologies•added 2026/01/14 12:0 a.m.•6 views

PT-2026-2848

6.5CVSS6.9AI score0.00197EPSS

Exploits0References2

CNNVD•added 2026/01/14 12:0 a.m.•4 views

Elastic Packetbeat 安全漏洞

Elastic Packetbeat is a data collector from the Dutch company Elastic. Elastic Packetbeat suffers from a security vulnerability that stems from improper validation of array indexes by the MongoDB protocol parser, which could lead to a buffer overflow...

6.5CVSS6.8AI score0.00197EPSS

Exploits0References2

Elastic•added 2026/01/13 8:43 p.m.•10 views

Packetbeat 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-02)

Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers ESA-2026-02 Improper Validation of Array Index CWE-129 in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers CAPEC-100 through specially crafted network traffic. This requires an attacke...

6.5CVSS6.9AI score0.00197EPSS

Exploits0

RedhatCVE•added 2025/12/19 10:13 p.m.•5 views

CVE-2025-68381

Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow CAPEC-100 and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number...

6.5CVSS7.1AI score0.00387EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 10:13 p.m.•4 views

CVE-2025-68388

5.3CVSS7.1AI score0.00309EPSS

Exploits0References1

OSV•added 2025/12/19 12:31 a.m.•2 views

GHSA-FJ69-23M4-CCVV Elasticsearch Packetbeat has Excessive Allocation of Memory and CPU via Malicious IPv4 Fragments

7.5CVSS7AI score0.00309EPSS

Exploits0References4