CLEANSTART-2026-TK12973 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 9.2.8-r0, 9.2.8-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-UO87758 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 8.18.1-r0, 9.1.10-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JF61842 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99 applied in versions: 8.18.1-r0, 9.1.10-r0, 9.3.4-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OX06093 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-40179, CVE-2026-42499, CVE-2026-42501, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 8.19.15-r0, 8.19.15-r2, 8.19.15-r3, 9.1.10-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-AX33738 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, ghsa-4vq8-7jfc-9cvp, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 9.1.10-r0, 9.4.0-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-PM88731 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, ghsa-4vq8-7jfc-9cvp, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 9.1.10-r0, 9.4.0-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

ROS-20260512-73-0010

Vulnerability in beats related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

ROS-20260512-73-0009

Vulnerability in beats related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20260420-73-0041

Vulnerability in beats related to unchecked array indexing. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20260420-73-0040

Vulnerability in beats related to uncontrolled memory allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

GO-2026-4789 Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats

Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats...

GO-2026-4790 Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service in github.com/elastic/beats

Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service in github.com/elastic/beats...

ROS-20260319-73-0034

Vulnerability in beats related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

GO-2026-4360 Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats

Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats...

GHSA-J4J7-VW47-RHFQ vulnerabilities

Vulnerabilities for packages: gitlab-kas, minio-fips, boring-registry-fips, flannel-fips, promxy, kubernetes-csi-external-provisioner-fips, terraform-provider-databricks-fips, ko-fips, kiam, x509-certificate-exporter, dcgm-exporter, kapp-controller-fips, crossplane-provider-aws-route53, cloudbeat...

ROS-20260310-73-0024

Vulnerability in beats related to incorrect input of configuration data. The vulnerability can be exploited remotely...

ROS-20260310-73-0025

Vulnerability in beats related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

GHSA-9H8M-3FM2-QJRQ vulnerabilities

Vulnerabilities for packages: jaeger-operator-fips, minio-fips, hydra, boring-registry-fips, k8s-agents-operator, kubernetes-csi-external-provisioner-fips, kapp-controller-fips, cloudbeat, cluster-api-aws-controller-fips, coredns-fips, kubernetes-csi-external-resizer, keda, rancher-webhook-fips,...

CVE-2025-61728 vulnerabilities

Vulnerabilities for packages: elastic-agent, kubo-fips, kube-arangodb, bento, kine, headlamp-fips, runc, cosign, flux-source-watcher-fips, cloudbeat, flux-kustomize-controller, chaos-mesh-fips, gatekeeper-fips, argo-cd-fips, coredns-fips, consul-k8s-fips, dask-gateway, gpu-operator-fips, steampip...

CLEANSTART-2026-IY17697 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...