CVE-2026-26931

Published: Mar 19, 2026 Last Modified: Mar 19, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,7

Source: [email protected]

Attack Vector: adjacent_network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_write HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation (CAPEC-130).

789

Memory Allocation with Excessive Size Value

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability

Potential Impacts:

Dos: Resource Consumption (Memory)

Applicable Platforms

Languages: C, C++, Not Language-Specific

View CWE Details

https://discuss.elastic.co/t/metricbeat-8-19-13-9-2-5-secur…

https://discuss.elastic.co/t/metricbeat-8-19-13-9-2-5-security-update-esa-2026-…

CVE-2026-26931

Description

Memory Allocation with Excessive Size Value

Common Consequences

Applicable Platforms

Iscriviti alla newsletter