CVE reporting
This page hosts all known information about any security issues, mitigations and triaged CVEs.
Please reach out to us at info@fluent.do directly for any specific concerns or queries.
Triaged Security Vulnerabilities
This document lists all triaged security vulnerabilities along with their VEX status.
A VEX document is available to download for automation.
| CVE |
Status |
Notes |
| CVE-2023-2953 |
Not Affected |
Fluent Bit does not use this component directly or in the way affected in the CVE. |
Known agent vulnerabilities
High and critical vulnerabilities not triaged for the latest version (ghcr.io/fluentdo/agent:26.1.1) of the agent are shown below, as reported by Grype.
| Package |
Version Installed |
Vulnerability ID |
Severity |
| gnupg2 |
2.3.3-4.el9 |
CVE-2025-68973 |
High |
All agent and OSS versions
Full unfiltered reports are shown below, covering all severities and without any filtering for triaged issues.
Agent Version: 25.10.1
Agent Version: 25.10.10
Agent Version: 25.10.11
Agent Version: 25.10.12
Agent Version: 25.10.2
Agent Version: 25.10.3
Agent Version: 25.10.4
Agent Version: 25.10.5
Agent Version: 25.10.6
Agent Version: 25.10.7
Agent Version: 25.10.8
Agent Version: 25.10.9
Agent Version: 25.11.1
Agent Version: 25.11.2
Agent Version: 25.12.1
Agent Version: 25.12.2
Agent Version: 25.12.3
Agent Version: 25.12.4
Agent Version: 25.7.1
Agent Version: 25.7.2
Agent Version: 25.7.4
Agent Version: 25.8.2
Agent Version: 25.8.4
Agent Version: 25.9.1
Agent Version: 25.9.2
Agent Version: 25.9.3
Agent Version: 25.9.4
Agent Version: 25.9.5
Agent Version: 26.1.1
Oss Version: 4.0.10
Oss Version: 4.0.11
Oss Version: 4.0.12
Oss Version: 4.0.13
Oss Version: 4.0.14
Oss Version: 4.0.3
Oss Version: 4.0.4
Oss Version: 4.0.5
Oss Version: 4.0.6
Oss Version: 4.0.7
Oss Version: 4.0.8
Oss Version: 4.0.9
Oss Version: 4.1.0
Oss Version: 4.1.1
Oss Version: 4.1.2
Oss Version: 4.2.0
Oss Version: 4.2.1
Oss Version: 4.2.2