
CVE-2025-12969


Date: November 24, 2025

The Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to a Fluent Bit instance that exposes the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.

Severity Score


Weakness Type (CWE)

Missing Authentication for Critical Function

CWE-306

Top Fix


Upgrade Version

Upgrade to Fluent Bit v4.1.0 (https://github.com/fluent/fluent-bit.git).


CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE
