Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Packetbeat may crash if an attacker sends a bad PostgreSQL packet
CVE-2026-26932
Summary
An attacker can crash Packetbeat by sending a specially crafted packet to the PostgreSQL port if it's being monitored. This requires the PostgreSQL protocol to be enabled and the attacker to target the correct port. To fix this, ensure the PostgreSQL protocol is not enabled or configure it securely to prevent this type of attack.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| elasticsearch | packetbeat | > 8.0.0 , <= 8.19.11 | – |
| elasticsearch | packetbeat | > 9.0.0 , <= 9.2.5 | – |
Original title
Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially cra...
Original description
Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requires the pgsql protocol to be explicitly enabled and configured to monitor traffic on the targeted port.
nvd CVSS3.1
5.7
Vulnerability type
CWE-129
Published: 26 Feb 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026