CVE-2026-26933: Packetbeat OOB Read via Malformed Network Packets
CVE-2026-26933 Published on March 19, 2026
Improper Validation of Array Index in Packetbeat Leading to Denial of Service
Improper Validation of Array Index (CWE-129) in multiple protocol parser components in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger out-of-bounds read operations, resulting in application crashes or resource exhaustion. This requires the attacker to be positioned on the same network segment as the Packetbeat deployment or to control traffic routed to monitored interfaces.
Vulnerability Analysis
Weakness Type
What is an out-of-bounds array index Vulnerability?
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
CVE-2026-26933 has been classified to as an out-of-bounds array index vulnerability or weakness.
Affected Versions
Elastic Packetbeat:- Version 9.0.0, <= 9.2.4 is affected.
- Version 8.0.0, <= 8.19.10 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.