VYPR
Vypr Intelligence · AI-generated · May 31, 2026 · 10 CVEs

OpenTelemetry eBPF Instrumentation: 10 CVEs Disclosed in a Single Advisory

Ten vulnerabilities hit OpenTelemetry's eBPF Instrumentation (OBI) on May 18, including high-severity parser panics in Memcached, MongoDB, and Postgres handlers that let remote attackers crash the telemetry agent.

Key findings

  • Three high-severity remote crash bugs in the Memcached, MongoDB, and Postgres protocol parsers (CVE-2026-45686, CVE-2026-45685, CVE-2026-45678)
  • Out-of-bounds memory access in the log enricher's writev path (CVE-2026-45684) and in the per-CPU message-buffer fallback (CVE-2026-45681)
  • Java TLS ioctl kprobe uses bpf_probe_read instead of bpf_probe_read_user, so a local instrumented process can have kernel memory copied into telemetry (CVE-2026-45683, low severity)
  • CappedConcurrentHashMap eviction queue never shrinks on delete, so connection churn grows it without bound until the heap is exhausted (CVE-2026-45682)
  • CPU-exhaustion loop in the BPF internal metrics replay (CVE-2026-45680) and a local crash in the fastelf ELF parser (CVE-2026-45676)
  • Raw Redis error text copied into span status messages, leaking sensitive client input into telemetry backends (CVE-2026-45679)
  • All 10 CVEs fixed in a single coordinated OBI release on May 18, 2026

Ten security vulnerabilities were disclosed together on May 18, 2026, affecting the OpenTelemetry eBPF Instrumentation (OBI) project — the open-source agent that uses eBPF to automatically instrument applications for distributed tracing and metrics. The batch, published across a two-hour window, spans parser crashes, memory leaks, kernel memory disclosure, and data exfiltration bugs, with three rated high severity and one low; the remaining six fall at medium severity.

Remote crash bugs in protocol parsers

The three high-severity CVEs all sit in protocol parsers that see raw traffic to instrumented services, so the trigger is a single crafted packet from an unauthenticated remote client: the backend service may reject the message, but OBI parses the bytes off the wire and panics. CVE-2026-45686 hits OBI's Memcached text protocol parser: an integer overflow when handling extremely large <bytes> values in storage commands (set, add, replace, append, prepend, cas) can crash the OBI process. CVE-2026-45685 targets the MongoDB wire-protocol parser, where malformed messages trigger uncaught panics before input validation completes. CVE-2026-45678 affects the Postgres protocol parser's BIND message handling: the parser assumes a valid NUL-terminated portal name, and an empty or unterminated payload causes a slice-bounds panic. Because one OBI agent typically covers every instrumented process on a host, each crash is a telemetry blind spot across that host until the agent restarts.
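A parser that returns errors instead of panicking on the two inputs described above, as an added example in Go (the language OBI is written in). This is illustrative code, not OBI's parser; maxBodyBytes, the function names and the sample inputs are assumptions made for the example.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// maxBodyBytes is an assumed cap on a memcached value body for this example;
// the agent only needs the length to know how far to skip, so a fixed cap
// avoids acting on an absurd length.
const maxBodyBytes = 1 << 20

// memcachedStorageLen extracts the <bytes> field from a storage command line
// such as "set key 0 0 5". strconv.ParseUint reports overflow instead of
// wrapping, and the explicit cap rejects lengths the agent should never act on.
func memcachedStorageLen(line string) (int, error) {
	f := strings.Fields(line)
	if len(f) < 5 {
		return 0, errors.New("memcached: short storage command")
	}
	switch f[0] {
	case "set", "add", "replace", "append", "prepend", "cas":
	default:
		return 0, fmt.Errorf("memcached: not a storage command: %q", f[0])
	}
	n, err := strconv.ParseUint(f[4], 10, 32)
	if err != nil {
		return 0, fmt.Errorf("memcached: bad <bytes> %q: %w", f[4], err)
	}
	if n > maxBodyBytes {
		return 0, fmt.Errorf("memcached: <bytes>=%d exceeds cap %d", n, maxBodyBytes)
	}
	return int(n), nil
}

// naiveDigits is the unchecked accumulation a hand-rolled parser tends to use.
// It wraps silently on large input, which is how a huge <bytes> value turns
// into a bogus length (constructed to show the failure, not OBI's code).
func naiveDigits(s string) uint32 {
	var n uint32
	for _, c := range s {
		n = n*10 + uint32(c-'0')
	}
	return n
}

// pgBindPortal returns the portal name from the body of a Postgres BIND
// message, whose layout starts "<portal>\x00<statement>\x00". The unsafe form,
// body[:bytes.IndexByte(body, 0)], panics with a slice-bounds error when the
// NUL is missing because IndexByte returns -1; this version returns an error.
func pgBindPortal(body []byte) (string, error) {
	i := bytes.IndexByte(body, 0)
	if i < 0 {
		return "", errors.New("postgres: BIND portal name not NUL-terminated")
	}
	return string(body[:i]), nil
}

func main() {
	// Constructed inputs: one sane command, one with a 20-digit <bytes> field.
	for _, l := range []string{"set k 0 0 5", "set k 0 0 99999999999999999999"} {
		n, err := memcachedStorageLen(l)
		fmt.Printf("%q -> %d, err=%v\n", l, n, err)
	}
	fmt.Println("naive wrap of 4294967297:", naiveDigits("4294967297"))
	// Constructed BIND bodies: well-formed, empty, and unterminated.
	for _, b := range [][]byte{[]byte("p1\x00s1\x00"), nil, []byte("p1")} {
		p, err := pgBindPortal(b)
		fmt.Printf("%q -> %q, err=%v\n", b, p, err)
	}
}
```

The same shape applies to the MongoDB case: every length or index that arrives from the wire is validated against the buffer before it is used to slice, and the parser's contract is "error or value", never a panic that escapes to the agent's main loop.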

Memory safety and information disclosure

Several bugs involve OBI reading or writing memory beyond intended boundaries. CVE-2026-45684 is a flaw in the log enricher's writev path: the enricher reads only the first iovec entry but uses the total iov_iter.count (the byte count across all segments) as the copy length, so a crafted multi-segment writev call makes the copy run past the end of the first segment, overreading and overwriting memory beyond it. CVE-2026-45681 affects the per-CPU message-buffer fallback path: when a CPU mismatch forces the fallback, a 256-byte backup buffer is used while the original payload size (up to 8KB) is kept as the copy length, so OBI reads past the fallback buffer and leaks adjacent memory into telemetry. The common defect is a length taken from one place and a buffer taken from another; the check a reviewer looks for is that the length is clamped to the buffer actually being read.
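The bounded-copy discipline for the writev case, as an added example in Go that is not OBI's code. The iovec segments are modelled as byte slices, maxLogLine is an assumed cap, and the three-segment write is constructed for the example.

```go
package main

import "fmt"

// maxLogLine is an assumed cap on how much of one write the enricher keeps;
// the real OBI limit is not part of this example.
const maxLogLine = 64

// seg builds a byte slice whose capacity equals its length, so slicing past
// the end panics deterministically (constructed helper for the example).
func seg(s string) []byte {
	b := make([]byte, len(s))
	copy(b, s)
	return b
}

// gatherWritev assembles a writev payload from its iovec segments. count is the
// total byte count for the whole call (what iov_iter.count reports). The bug
// pattern copies count bytes starting at segment 0; this version walks the
// segments, never takes more than a segment holds, and stops at the cap.
func gatherWritev(iov [][]byte, count, capBytes int) []byte {
	if count > capBytes {
		count = capBytes
	}
	out := make([]byte, 0, count)
	for _, s := range iov {
		if len(out) == count {
			break
		}
		take := count - len(out)
		if take > len(s) {
			take = len(s)
		}
		out = append(out, s[:take]...)
	}
	return out
}

// unsafeFirstSegment reproduces the over-read: it slices the first segment by
// the total count. In a C/eBPF copy this reads whatever follows the segment;
// in Go the runtime stops it with a bounds panic, which recover reports.
func unsafeFirstSegment(iov [][]byte, count int) (b []byte, panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true
		}
	}()
	return iov[0][:count], false
}

func main() {
	// Constructed three-segment write, as a logging library might issue it.
	iov := [][]byte{seg("GET /health "), seg("HTTP/1.1\r\n"), seg("Host: x\r\n")}
	count := 0
	for _, s := range iov {
		count += len(s)
	}
	fmt.Printf("gathered: %q\n", gatherWritev(iov, count, maxLogLine))
	_, p := unsafeFirstSegment(iov, count)
	fmt.Println("first-segment copy panicked:", p)
}
```

The fallback-buffer case is the same clamp in the other direction: the copy length is min(recorded size, len(fallback)), and a truncated flag tells the consumer the payload is partial rather than letting it read the recorded size back out of a 256-byte buffer.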

CVE-2026-45683 (rated low severity) is a kernel memory disclosure via the Java TLS ioctl kprobe. The probe dereferences user-controlled ioctl pointers with bpf_probe_read instead of bpf_probe_read_user. On x86-64, bpf_probe_read accepts both kernel and user addresses, whereas bpf_probe_read_user (available since Linux 5.5) fails on addresses outside the user range; with the wrong helper, an instrumented local process can hand OBI a kernel address and have that memory copied into telemetry output. The attacker must already control a process that OBI instruments, and the leaked bytes surface in the telemetry pipeline rather than in that process, which is consistent with the low rating.

Resource exhaustion and data leaks

CVE-2026-45682 concerns the custom CappedConcurrentHashMap that OBI uses for Java TLS state tracking. The map never removes keys from its insertion-order queue when entries are deleted, so although the map itself stays under its cap, repeated connection churn in long-running instrumented JVMs grows the queue without bound until the heap is exhausted. CVE-2026-45680 describes an unbounded CPU-exhaustion loop in the BPF internal metrics replay: OBI replays BPF probe hits into histogram observations by looping once per recorded run count, and on busy systems the run-count delta between collections can be very large, so the metrics exporter burns CPU proportional to probe traffic on every collection interval.
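An insertion-ordered capped map with a leaky and a fixed delete path, plus a weighted histogram observation, as an added example in Go for both bugs in the paragraph above. It is not OBI's CappedConcurrentHashMap or its metrics code, it omits the locking a concurrent map needs, and its names, limits and bucket bounds are assumptions made for the example.

```go
package main

import (
	"fmt"
	"sort"
)

// cappedMap is an insertion-ordered map that holds at most limit live entries.
// lazyQueue reproduces the bug pattern described above: Delete removes the
// entry from the map but leaves its key in the eviction queue, so the queue
// grows by one on every insert/delete cycle while the map stays small.
type cappedMap struct {
	limit     int
	lazyQueue bool
	items     map[string]int
	order     []string // eviction queue, oldest first
}

func newCappedMap(limit int, lazyQueue bool) *cappedMap {
	return &cappedMap{limit: limit, lazyQueue: lazyQueue, items: make(map[string]int)}
}

// Put inserts or updates k, evicting the oldest live key when the map is full.
// Stale keys left behind by the lazy path are skipped, which hides the leak
// from the map's own size but not from the queue's.
func (m *cappedMap) Put(k string, v int) {
	if _, ok := m.items[k]; !ok {
		for len(m.items) >= m.limit && len(m.order) > 0 {
			old := m.order[0]
			m.order = m.order[1:]
			delete(m.items, old)
		}
		m.order = append(m.order, k)
	}
	m.items[k] = v
}

// Delete removes k. The fixed path also drops k from the queue, which is what
// keeps the queue bounded by limit.
func (m *cappedMap) Delete(k string) {
	if _, ok := m.items[k]; !ok {
		return
	}
	delete(m.items, k)
	if m.lazyQueue {
		return
	}
	for i := range m.order {
		if m.order[i] == k {
			m.order = append(m.order[:i], m.order[i+1:]...)
			return
		}
	}
}

// QueueLen exposes the queue size so the growth is measurable.
func (m *cappedMap) QueueLen() int { return len(m.order) }

// churn simulates connection churn: n distinct keys, each inserted then deleted.
func churn(m *cappedMap, n int) {
	for i := 0; i < n; i++ {
		k := fmt.Sprintf("conn-%d", i)
		m.Put(k, i)
		m.Delete(k)
	}
}

// histogram is a minimal cumulative-bucket histogram. observeN records n hits
// of value v with one bucket update, so its cost is independent of n. The
// CPU-exhaustion pattern is the loop `for i := 0; i < n; i++ { observe(v) }`,
// whose cost tracks the run-count delta instead.
type histogram struct {
	bounds []float64 // ascending upper bounds; the extra last bucket is +Inf
	counts []uint64  // len(bounds)+1
}

func newHistogram(bounds []float64) *histogram {
	return &histogram{bounds: bounds, counts: make([]uint64, len(bounds)+1)}
}

func (h *histogram) observeN(v float64, n uint64) {
	h.counts[sort.SearchFloat64s(h.bounds, v)] += n
}

func main() {
	leaky, fixed := newCappedMap(16, true), newCappedMap(16, false)
	churn(leaky, 10000)
	churn(fixed, 10000)
	fmt.Println("queue after 10000 churn cycles: leaky =", leaky.QueueLen(), "fixed =", fixed.QueueLen())
	h := newHistogram([]float64{1, 10, 100})
	h.observeN(5, 1_000_000) // one bucket update for a million probe hits
	fmt.Println("bucket counts:", h.counts)
}
```

A linear scan in Delete is fine for a map capped at a few thousand entries; a production version would keep a doubly linked list or index map so removal is O(1). The histogram side shows the shape of the fix for the replay loop: carry the delta as a weight rather than replaying it hit by hit.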

CVE-2026-45679 is a data leak rather than a crash: OBI exports the raw text of a Redis error reply as the span status message. Redis error replies echo client input (for example the unknown command and the beginning of its arguments), so the error text can carry attacker-controlled or sensitive values such as tokens or PII; copying it verbatim leaks that input into telemetry backends and injects untrusted text into downstream analysis systems.
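Two ways to keep Redis error replies out of span status text, as an added example in Go that is not OBI's code. The leading error-token convention is Redis's; the redaction rule, maxStatusLen and the sample replies are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// maxStatusLen is an assumed cap on the span status message length.
const maxStatusLen = 128

// redisErrorKind reduces a RESP error reply ("-ERR ...\r\n") to its error
// class token. Redis errors begin with an upper-case word (ERR, WRONGTYPE,
// NOAUTH, MOVED, ...); everything after it is free text that echoes client
// input. Keeping only the token gives a status a dashboard can group on
// without carrying anything the client sent.
func redisErrorKind(reply string) string {
	line := strings.TrimRight(strings.TrimPrefix(reply, "-"), "\r\n")
	tok, _, _ := strings.Cut(line, " ")
	if tok == "" {
		return "UNKNOWN"
	}
	for _, r := range tok {
		if !(unicode.IsUpper(r) || unicode.IsDigit(r) || r == '_') {
			return "UNKNOWN" // not a conventional error token
		}
	}
	return tok
}

// redactRedisError keeps the human-readable error text but blanks every
// single-quoted argument Redis echoes back, drops control characters that
// could break line-oriented backends, and caps the length. An unbalanced
// quote causes the rest of the line to be dropped, erring on the safe side.
func redactRedisError(reply string) string {
	line := strings.TrimRight(strings.TrimPrefix(reply, "-"), "\r\n")
	var b strings.Builder
	inQuote := false
	for _, r := range line {
		switch {
		case r == '\'':
			if !inQuote {
				b.WriteString("'[redacted]")
			} else {
				b.WriteByte('\'')
			}
			inQuote = !inQuote
		case inQuote, unicode.IsControl(r):
			// quoted argument content and control characters are dropped
		default:
			b.WriteRune(r)
		}
	}
	rs := []rune(b.String())
	if len(rs) > maxStatusLen {
		rs = rs[:maxStatusLen]
	}
	return string(rs)
}

func main() {
	// Constructed replies: the second one echoes a password-like argument.
	replies := []string{
		"-NOAUTH Authentication required.\r\n",
		"-ERR unknown command 'AUTH', with args beginning with: 'hunter2'\r\n",
		"-WRONGTYPE Operation against a key holding the wrong kind of value\r\n",
	}
	for _, r := range replies {
		fmt.Printf("kind=%s  status=%q\n", redisErrorKind(r), redactRedisError(r))
	}
}
```

The token-only form is the safer default for span status; the redacted form is what to reach for when an operator genuinely needs the sentence, and even then the raw reply should stay out of the span entirely rather than being attached as an attribute.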

Local ELF parsing crash

CVE-2026-45676 covers OBI's replacement ELF parser (fastelf), which trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language.
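A bounds-checked ELF64 section-name reader next to a constructed image, as an added example in Go that is not fastelf or any other OBI code. It handles only the little-endian ELF64 layout, and the image builder produces test data written for this example rather than a real executable.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

const ehdrSize, shdrSize = 64, 64 // ELF64 header and section header sizes

// sectionNames lists section names from an in-memory ELF64 little-endian
// image. Every offset, count and string index read from the file is checked
// against the image before use; each check marks a place where an unchecked
// parser would slice out of bounds and panic.
func sectionNames(img []byte) ([]string, error) {
	if len(img) < ehdrSize || string(img[:4]) != "\x7fELF" {
		return nil, errors.New("elf: short image or bad magic")
	}
	if img[4] != 2 || img[5] != 1 {
		return nil, errors.New("elf: only ELF64 little-endian is handled here")
	}
	le := binary.LittleEndian
	n := uint64(len(img))
	shoff := le.Uint64(img[40:])
	shentsize := uint64(le.Uint16(img[58:]))
	shnum := uint64(le.Uint16(img[60:]))
	shstrndx := uint64(le.Uint16(img[62:]))
	if shnum == 0 {
		return nil, nil
	}
	if shentsize < shdrSize {
		return nil, fmt.Errorf("elf: e_shentsize %d too small", shentsize)
	}
	// Both factors are < 2^16 so the product cannot overflow; comparing against
	// the remaining length avoids an addition to shoff that could wrap.
	if shoff > n || shnum*shentsize > n-shoff {
		return nil, fmt.Errorf("elf: section table at %d (+%d) exceeds %d-byte image", shoff, shnum*shentsize, n)
	}
	if shstrndx >= shnum {
		return nil, fmt.Errorf("elf: e_shstrndx %d >= e_shnum %d", shstrndx, shnum)
	}
	shdr := func(i uint64) []byte { // in bounds by the table check above
		off := shoff + i*shentsize
		return img[off : off+shdrSize]
	}
	st := shdr(shstrndx)
	stOff, stSize := le.Uint64(st[24:]), le.Uint64(st[32:])
	if stOff > n || stSize > n-stOff {
		return nil, errors.New("elf: .shstrtab lies outside the image")
	}
	strtab := img[stOff : stOff+stSize]
	names := make([]string, 0, shnum)
	for i := uint64(0); i < shnum; i++ {
		nameOff := uint64(le.Uint32(shdr(i)))
		if nameOff >= stSize {
			return nil, fmt.Errorf("elf: section %d sh_name %d beyond %d-byte string table", i, nameOff, stSize)
		}
		end := bytes.IndexByte(strtab[nameOff:], 0)
		if end < 0 {
			return nil, fmt.Errorf("elf: section %d name not NUL-terminated", i)
		}
		names = append(names, string(strtab[nameOff:nameOff+uint64(end)]))
	}
	return names, nil
}

// buildImage constructs a minimal ELF64 image (test data, not a real binary):
// header, three section headers (null, .text, .shstrtab) and the string table.
// shoff and the .shstrtab name index are parameters so corrupt variants exist.
func buildImage(shoff uint64, shstrtabName uint32) []byte {
	strtab := []byte("\x00.text\x00.shstrtab\x00")
	img := make([]byte, ehdrSize+3*shdrSize+len(strtab))
	copy(img, "\x7fELF")
	img[4], img[5], img[6] = 2, 1, 1 // ELFCLASS64, ELFDATA2LSB, EV_CURRENT
	le := binary.LittleEndian
	le.PutUint64(img[40:], shoff)
	le.PutUint16(img[52:], ehdrSize)
	le.PutUint16(img[58:], shdrSize)
	le.PutUint16(img[60:], 3)
	le.PutUint16(img[62:], 2)
	strOff := uint64(ehdrSize + 3*shdrSize)
	sh := func(i int) []byte { return img[ehdrSize+i*shdrSize:] }
	le.PutUint32(sh(1), 1)            // ".text"
	le.PutUint32(sh(2), shstrtabName) // ".shstrtab" sits at offset 7 when well-formed
	le.PutUint64(sh(2)[24:], strOff)
	le.PutUint64(sh(2)[32:], uint64(len(strtab)))
	copy(img[strOff:], strtab)
	return img
}

func main() {
	fmt.Println(sectionNames(buildImage(ehdrSize, 7)))    // well-formed
	fmt.Println(sectionNames(buildImage(1<<62, 7)))       // e_shoff past EOF
	fmt.Println(sectionNames(buildImage(ehdrSize, 1000))) // sh_name past .shstrtab
}
```

Language detection only needs a few section or symbol names, so a reader like this can stop as soon as it finds what it is looking for; what it must never do is trust e_shoff, e_shnum, sh_offset, sh_size or sh_name without the comparison against the image length first.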

Patch status and response

The OpenTelemetry project has addressed all ten CVEs in a coordinated release. Users should update to the latest OBI release as soon as possible and confirm that the deployed agent version matches the fixed version stated in the advisory. The advisory and patch details are available in the OpenTelemetry eBPF Instrumentation security advisory. No in-the-wild exploitation has been reported at the time of disclosure.

Why this matters

OBI is deployed as a privileged agent in production environments to capture telemetry from instrumented applications. None of the ten bugs is described as remote code execution, but the breadth of the batch, covering remote crash vectors, out-of-bounds memory access, kernel memory reads, and data leaks, means an unpatched agent is a meaningful attack surface: a crashed agent is lost visibility, and a leaking one turns the telemetry backend into a place where secrets and kernel memory can end up. Organizations running OBI should prioritize updating, particularly where untrusted network traffic reaches instrumented Memcached, MongoDB, or Postgres instances, where untrusted local processes run on instrumented hosts, or where Redis error messages may carry sensitive data. After patching, it is worth searching existing span status messages for Redis error text that may already have captured sensitive values.

AI-written article. Grounded in 10 CVE records listed below.