Security researchers have identified a cluster of vulnerabilities in Fluent Bit, the high-performance open-source telemetry agent used across major cloud and Kubernetes environments. The flaws, discovered by Oligo Security and further analyzed by the CERT Coordination Center, allow attackers to bypass authentication, manipulate tags, poison log pipelines, and in some cases achieve remote code execution inside cloud systems.
Fluent Bit is widely deployed as part of the CNCF Fluentd ecosystem and is integrated into logging stacks used by large cloud providers, container platforms, and enterprise SIEM pipelines. Because organizations rely on Fluent Bit to route and process logs, flaws affecting its input plugins and tag handling routines can enable deep compromise of cloud environments.
According to Oligo’s research, the vulnerabilities affect how Fluent Bit processes container metadata, handles tag matching, and verifies authentication in the Forward protocol. CERT/CC published an advisory confirming the issues and warning that many scenarios only require an attacker to reach a network-exposed Fluent Bit endpoint.
Five Vulnerabilities With Serious Impact
The new Fluent Bit flaws span input plugins, tag logic, and output file handling, creating multiple paths to compromise:
- CVE-2025-12972: A path traversal issue caused by unsanitized tag values, allowing attackers to overwrite arbitrary files when Fluent Bit derives output paths.
- CVE-2025-12970: A stack buffer overflow in the Docker Metrics plugin triggered simply by creating containers with overly long names, potentially resulting in code execution.
- CVE-2025-12978: A tag matching flaw that treats partial keys as valid matches, letting attackers spoof trusted tags and inject misleading or malicious records.
- CVE-2025-12977: Improper input validation that allows newline injection, traversal sequences, and control characters inside tag keys, corrupting downstream logs or altering routing behavior.
- CVE-2025-12969: Missing authentication enforcement in the in_forward plugin, allowing unauthenticated log injection and telemetry spoofing.
Oligo Security notes that chaining these vulnerabilities gives attackers broad control over how logs are routed and stored. They could erase incriminating telemetry, inject fake events, or redirect logs to attacker-controlled locations. In extreme cases, the file overwrite flaw and buffer overflow could be combined to execute malicious code through Fluent Bit itself.
Widespread Industry Impact
CERT/CC’s advisory highlights that organizations using Fluent Bit in containerized or cloud-native environments should assume exposure unless they have already upgraded to a patched release. Fluent Bit is commonly paired with services such as Splunk, Elasticsearch, and cloud logging platforms, creating downstream risk if poisoned telemetry is ingested by automated detection tools.
Amazon Web Services, which uses Fluent Bit as part of its managed logging pipelines, participated in coordinated disclosure and urged customers to update immediately. The Fluent Bit project itself acknowledged the flaws and published fixes in versions 4.1.1 and 4.0.12.
Mitigation and Patch Availability
All five vulnerabilities are patched in the latest Fluent Bit releases. Administrators running outdated versions should upgrade using releases from the official Fluent Bit source.
Additional recommended protections include:
- Avoid dynamic tags for routing
- Use read-only mounts for configuration files
- Restrict output paths to prevent tag-based path expansion
- Run Fluent Bit as a non-root user whenever possible
- Audit network exposure to in_forward, in_http, and in_docker plugins
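As an added example (not code from Oligo, CERT/CC or the Fluent Bit project), the Python script below audits a classic-mode Fluent Bit configuration for three of the conditions listed above: forward or http inputs bound to a non-loopback address, forward inputs with no `Shared_Key`, and file outputs with no `File` key, where the file name is taken from the tag. The sample configuration is constructed, and the default bind address is an assumption noted in the code.

```python
import re

# Constructed sample config (classic mode), not from a real deployment.
SAMPLE_CONF = """
[INPUT]
    Name    forward
    Listen  0.0.0.0
[INPUT]
    Name        forward
    Listen      127.0.0.1
    Shared_Key  placeholder-not-a-real-key
[OUTPUT]
    Name  file
    Path  /var/log/flb
[OUTPUT]
    Name  file
    Path  /var/log/flb
    File  app.log
"""
LOOPBACK = ("127.0.0.1", "::1", "localhost")

def parse_sections(text):
    """Return [(SECTION, {lowercased key: value})]; keys are case-insensitive."""
    sections = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            sections.append((header.group(1).upper(), {}))
        elif sections:
            key, *rest = line.split(None, 1)
            sections[-1][1][key.lower()] = rest[0].strip() if rest else ""
    return sections

def audit(text):
    """Return (section index, plugin name, finding) tuples."""
    findings = []
    for idx, (kind, kv) in enumerate(parse_sections(text)):
        name = kv.get("name", "").lower()
        if kind == "INPUT" and name in ("forward", "http"):
            # Assumption: an omitted Listen key binds all interfaces (0.0.0.0).
            listen = kv.get("listen", "0.0.0.0")
            if listen not in LOOPBACK:
                findings.append((idx, name, "listens on " + listen))
            if name == "forward" and "shared_key" not in kv:
                findings.append((idx, name, "no Shared_Key set"))
        if kind == "OUTPUT" and name == "file" and "file" not in kv:
            findings.append((idx, name, "no File key, file name derives from tag"))
    return findings
```

Findings are review prompts rather than proof of exposure: a listener on a non-loopback address may still be fenced off by network policy, and YAML-format configurations are not parsed.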
The Fluent Bit development team, hosted on GitHub, noted that the project receives heavy industry adoption with over ten million daily deployments. The maintainers emphasized that the fixes are stable and recommended for production use.
The discovery follows previous issues such as CVE-2024-4323, a flaw in the built-in HTTP server dubbed Linguistic Lumberjack, which allowed denial of service and potential information disclosure. The new research suggests that plugins and tag handling remain a high-risk area for Fluent Bit deployments.
Organizations relying on the agent for SIEM ingestion or Kubernetes observability should review their deployments promptly, validate network access, and ensure logs cannot be manipulated by untrusted sources.

