Moderate severityNVD Advisory· Published Mar 19, 2026· Updated Mar 19, 2026
Memory Allocation with Excessive Size Value in Metricbeat Leading to Denial of Service
CVE-2026-26931
Description
Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_write HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation (CAPEC-130).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/elastic/beats/v7Go | < 7.0.0-alpha2.0.20260112100137-de072c4e371e | 7.0.0-alpha2.0.20260112100137-de072c4e371e |
Affected products
31- osv-coords30 versionspkg:apk/chainguard/agentbeatpkg:apk/chainguard/agentbeat-fipspkg:apk/chainguard/auditbeat-8.19pkg:apk/chainguard/auditbeat-9.3pkg:apk/chainguard/auditbeat-fips-8.19pkg:apk/chainguard/auditbeat-fips-9.2pkg:apk/chainguard/auditbeat-fips-9.3pkg:apk/chainguard/auditbeat-fips-9.4pkg:apk/chainguard/filebeat-8.19pkg:apk/chainguard/filebeat-9.3pkg:apk/chainguard/filebeat-9.4pkg:apk/chainguard/filebeat-fips-8.19pkg:apk/chainguard/filebeat-fips-9.2pkg:apk/chainguard/filebeat-fips-9.3pkg:apk/chainguard/filebeat-fips-9.4pkg:apk/chainguard/heartbeat-8.19pkg:apk/chainguard/heartbeat-9.3pkg:apk/chainguard/heartbeat-9.4pkg:apk/chainguard/heartbeat-fips-8.19pkg:apk/chainguard/heartbeat-fips-9.2pkg:apk/chainguard/heartbeat-fips-9.3pkg:apk/chainguard/heartbeat-fips-9.4pkg:apk/chainguard/metricbeat-8.19pkg:apk/chainguard/metricbeat-9.3pkg:apk/chainguard/metricbeat-9.4pkg:apk/chainguard/metricbeat-fips-8.19pkg:apk/chainguard/metricbeat-fips-9.2pkg:apk/chainguard/metricbeat-fips-9.3pkg:apk/chainguard/metricbeat-fips-9.4pkg:golang/github.com/elastic/beats/v7
< 0+ 29 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.1-r4
- (no CPE)range: < 7.0.0-alpha2.0.20260112100137-de072c4e371e
- Elastic/Metricbeatv5Range: 8.0.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.