Sign In

CVE-2026-0528

ADVISORY - github

Summary

Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input Validation (CWE-20) exists in the Prometheus helper module that can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed metric data.

EPSS Score: 0.00047 (0.143)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-129

Improper Validation of Array Index

ADVISORY - github

CWE-129

Improper Validation of Array Index

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in