CLEANSTART-2026-TK12973 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 9.2.8-r0, 9.2.8-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-UO87758 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj applied in versions: 8.18.1-r0, 9.1.10-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-JF61842 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99 applied in versions: 8.18.1-r0, 9.1.10-r0, 9.3.4-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OX06093 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-40179, CVE-2026-42499, CVE-2026-42501, ghsa-4vq8-7jfc-9cvp, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 8.19.15-r0, 8.19.15-r2, 8.19.15-r3, 9.1.10-r0

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-AX33738 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, ghsa-4vq8-7jfc-9cvp, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 9.1.10-r0, 9.4.0-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-PM88731 Security fixes for CVE-2025-54410, CVE-2026-32952, CVE-2026-33186, CVE-2026-40179, CVE-2026-42151, CVE-2026-42154, ghsa-4vq8-7jfc-9cvp, ghsa-8rm2-7qqf-34qm, ghsa-fw8g-cg8f-9j28, ghsa-p77j-4mvh-x3m3, ghsa-pjcq-xvwq-hhpj, ghsa-vffh-x6r8-xx99, ghsa-wg65-39gg-5wfj applied in versions: 8.18.1-r0, 9.1.10-r0, 9.4.0-r1

Multiple security vulnerabilities affect the elastic-beats package. These issues are resolved in later releases. See references for individual vulnerability details...

GO-2026-4790 Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service in github.com/elastic/beats

Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service in github.com/elastic/beats...

GO-2026-4789 Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats

Packetbeat does not properly validate an array index in multiple protocol parser components in github.com/elastic/beats...

GO-2026-4360 Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats

Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats...

CLEANSTART-2026-IY17697 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-OJ15484 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the elastic-beats-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-FP29743 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-GL18398 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...

CLEANSTART-2026-QD78411 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the elastic-beats-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

Elastic Beats 7.x / 8.x < 8.19.10 / 9.x < 9.1.10 / 9.2.x < 9.2.4 Multiple Vulnerabilities (ESA_2026_01, ESA_2026_02)

The version of Elastic Beats Metricbeat or Packetbeat installed on the remote host is 7.x, 8.x prior to 8.19.10, 9.x prior to 9.1.10, or 9.2.x prior to 9.2.4. It is, therefore, affected by multiple vulnerabilities: - Improper Validation of Array Index CWE-129 and Improper Input Validation CWE-20 ...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...

Improper Validation

github.com/elastic/beats are vulnerable to Improper Validation. The vulnerability is due to insufficient validation of indexes, positions, or offsets in input handling, which allows an attacker to trigger a buffer overflow by sending a malformed Syslog message or a malicious Dissect tokenizer...

Elastic Beats filebeat < 9.1.0 Privilege Escalation

The version of Elastic Beats filebeat installed on the remote host is prior to 9.1.0. It is, therefore, affected by a vulnerability. An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from...

Elastic Beats Filebeat Installed (Windows)

Binary data elasticbeatsfilebeatwininstalled.nbin...

Inclusion of Functionality from Untrusted Control Sphere

Overview github.com/elastic/beats is a the Lightweight shippers for Elasticsearch & Logstash. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd subprocess. Note: This is only exploitable if the...