Lucene search
K

Fluent Bit contains five vulnerabilities, including stack buffer overflow, auth bypass, and path traversal

🗓️ 24 Nov 2025 00:00:00Reported by CERTType 
cert
 cert
🔗 www.kb.cert.org👁 8 Views

Fluent Bit vulnerabilities include path traversal, authentication bypass, and stack overflow; patched at version 4.1.0.

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerabilities of plugins in_http, in_splunk, and in_elasticsearch in the Fluent Bit log collection and processing tool allow attackers to disclose and modify sensitive information.
1 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the in_forward plugin of the Fluent Bit log collection and processing tool allows a hacker to bypass existing security restrictions and gain access to the system.
8 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the in_docker plugin’s extract_name function in the Fluent Bit log collection and processing tool allows a attacker to cause a service failure.
8 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the out_file plugin of the Fluent Bit log collection and processing tool allows a malicious actor to write any file outside of the target directory.
8 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the tag_key validation mechanism in the Fluent Bit log collection and processing tool allows a perpetrator to influence the integrity and accessibility of the protected information.
9 Dec 202500:00
bdu_fstec
CBLMariner
CVE-2025-12970 affecting package fluent-bit for versions less than 3.0.6-5
5 Dec 202503:54
cbl_mariner
CBLMariner
CVE-2025-12969 affecting package fluent-bit for versions less than 3.0.6-6
5 Dec 202503:54
cbl_mariner
CBLMariner
CVE-2025-12977 affecting package fluent-bit for versions less than 3.0.6-6
5 Dec 202503:54
cbl_mariner
CBLMariner
CVE-2025-12977 affecting package fluent-bit for versions less than 3.1.10-3
18 Dec 202523:40
cbl_mariner
CBLMariner
CVE-2025-12969 affecting package fluent-bit for versions less than 3.1.10-3
18 Dec 202523:40
cbl_mariner
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

05 Jan 2026 16:55Current
8.8High risk
Vulners AI Score8.8
CVSS 3.19.1
EPSS0.00806
SSVC
8