Elastic Packetbeat PostgreSQL Protocol Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Elastic Packetbeat versions from 8.0.0 prior to 8.19.10 and from 9.0.0 prior to 9.2.4. The issue arises from improper validation of array indices in the PostgreSQL protocol parser and can be triggered by sending specially crafted packets. Such a packet causes a Go runtime panic, which terminates the Packetbeat process. Exploitation requires the PostgreSQL protocol to be enabled in Packetbeat and configured to monitor traffic on the targeted port.
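The bug class described above, as an added Go example that is not Packetbeat's code: a decoder for a PostgreSQL DataRow payload whose `checked` flag switches the bounds validation on and off. The page does not say which message or index is affected, so the choice of DataRow, the function names and the sample bytes are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

var errMalformed = errors.New("pgsql: malformed DataRow payload")

// parseDataRow decodes a DataRow payload: Int16 column count, then per column
// an Int32 length (-1 = NULL) and that many bytes. With checked=false it trusts
// those values, so a short buffer indexes out of range and the runtime panics.
func parseDataRow(p []byte, checked bool) (cols [][]byte, err error) {
	if checked && len(p) < 2 {
		return nil, errMalformed
	}
	n := binary.BigEndian.Uint16(p) // panics on len(p) < 2 when unchecked
	p = p[2:]
	for ; n > 0; n-- {
		if checked && len(p) < 4 {
			return nil, errMalformed
		}
		l := int(int32(binary.BigEndian.Uint32(p)))
		p = p[4:]
		if checked && (l < -1 || l > len(p)) {
			return nil, errMalformed
		}
		var col []byte // stays nil for SQL NULL (length -1)
		if l >= 0 {
			col, p = p[:l], p[l:]
		}
		cols = append(cols, col)
	}
	return cols, nil
}

// panicked runs the unchecked path and reports whether the runtime panicked.
func panicked(p []byte) (yes bool) {
	defer func() { yes = recover() != nil }()
	parseDataRow(p, false)
	return false
}

func main() {
	bad := []byte{0, 2, 0, 0, 0, 8, '1'} // constructed: 8-byte value claimed, 1 present
	_, err := parseDataRow(bad, true)
	fmt.Println("checked:", err, "| unchecked panics:", panicked(bad))
}
```

With validation the malformed payload becomes an ordinary error the caller can log and drop; without it the only thing between the packet and process exit is a `recover`.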

Impact

Exploitation of this vulnerability leads to a Go runtime panic, causing the Packetbeat process to terminate.

Remediation

Users can upgrade to Packetbeat versions 8.19.11 or 9.2.5 to address this vulnerability. For those unable to upgrade, the PostgreSQL protocol parser can be disabled by removing or commenting out the PostgreSQL configuration in 'packetbeat.yml'.

Added: Feb 26, 2026, 6:40 PM
Updated: Feb 26, 2026, 6:40 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 2.5
exploitability: 4.7
remediation: 8.3
relevance: 3.2
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.