CVE-2026-0529

Improper Validation of Array Index in Packetbeat Leading to Overflow Buffers

Description

Improper Validation of Array Index (CWE-129) in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers (CAPEC-100) through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol parsing is enabled.

INFO

Published Date :

2026-01-14T10:09:02.462Z

Last Modified :

2026-01-14T16:31:01.455Z

Source :

elastic

AFFECTED PRODUCTS

The following products are affected by CVE-2026-0529 vulnerability.

Vendors	Products
Elastic	Packetbeat

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0529.

URL	Resource
https://discuss.elastic.co/t/packetbeat-8-19-10-9-1-10-9-2-4-security-update-esa-2026-02/384520

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact