VYPR

Packetbeat

by Elastic

Source repositories

CVEs (5)

  • CVE-2026-0529MedJan 14, 2026
    risk 0.42cvss 6.5epss 0.00

    Improper Validation of Array Index (CWE-129) in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers (CAPEC-100) through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface…

  • CVE-2017-11480HigDec 8, 2017
    risk 0.42cvss 7.5epss 0.01

    Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat…

  • CVE-2026-26933Mar 19, 2026
    risk 0.00cvss epss 0.00

    Improper Validation of Array Index (CWE-129) in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker with the ability to send specially crafted, malformed network packets to a monitored network…

  • CVE-2026-26932Feb 26, 2026
    risk 0.00cvss epss 0.00

    Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process.…

  • CVE-2025-68381Dec 18, 2025
    risk 0.00cvss epss 0.00

    Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number.

VYPR — Vulnerability Intelligence