Elastic · Packetbeat · CVE-2026-26932
**Name of the Vulnerable Software and Affected Versions**
Packetbeat (affected versions not specified)
**Description**
A flaw exists in the PostgreSQL protocol parser within Packetbeat that allows for Denial of Service through manipulation of input data. Specifically, improper validation of an array index can cause a Go runtime panic, leading to the termination of the Packetbeat process. This requires the pgsql protocol to be explicitly enabled and configured to monitor traffic on the targeted port.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.