Unrated severityNVD Advisory· Published Nov 24, 2025· Updated Jan 7, 2026
CVE-2025-12969
CVE-2025-12969
Description
Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- FluentBit/Fluent Bitv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.