{"id":"GO-2026-4360","summary":"Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats","details":"Metricbeat affected by multiple denial of service vulnerabilities in github.com/elastic/beats","aliases":["CVE-2026-0528","GHSA-w2gr-585j-r428"],"modified":"2026-03-23T04:52:25.235122Z","published":"2026-03-10T18:28:01Z","related":["CGA-cf6x-5qcj-8h59"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2026-4360"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-w2gr-585j-r428"},{"type":"FIX","url":"https://github.com/elastic/beats/commit/0025fbfe668936eb8fa65b838508faf3c3c04387"},{"type":"FIX","url":"https://github.com/elastic/beats/commit/6e42552a23cec734e7977ebd3eb7fb797ddce456"},{"type":"FIX","url":"https://github.com/elastic/beats/commit/c7664c91a5a68c2df782bfeffe4fb7f42ff2ad1a"},{"type":"WEB","url":"https://discuss.elastic.co/t/metricbeat-8-19-10-9-1-10-9-2-4-security-update-esa-2026-01/384519"}],"affected":[{"package":{"name":"github.com/elastic/beats","ecosystem":"Go","purl":"pkg:golang/github.com/elastic/beats"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"custom_ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.0.0"},{"fixed":"8.19.10"},{"introduced":"9.0.0"},{"fixed":"9.1.10"},{"introduced":"9.2.0"},{"fixed":"9.2.4"}]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4360.json"}},{"package":{"name":"github.com/elastic/beats/v7","ecosystem":"Go","purl":"pkg:golang/github.com/elastic/beats/v7"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"7.0.0-alpha2.0.20251217054608-6e42552a23ce"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/elastic/beats/v7/metricbeat/helper/prometheus","symbols":["MetricFamily.GetUnit","ParseMetricFamilies"]},{"path":"github.com/elastic/beats/v7/metricbeat/module/graphite/server","symbols":["template.Apply"]},{"path":"github.com/elastic/beats/v7/metricbeat/module/zookeeper/server","symbols":["parseSrvr"]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4360.json"}}],"schema_version":"1.7.5"}