fluent fluent-bit Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of fluent fluent-bit's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical3

High7

Medium3

Low0

3 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of fluent fluent-bit's CVEs are currently listed in CISA's KEV catalog.

Public exploits

4 of fluent fluent-bit's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every fluent fluent-bit version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

0.13-dev-0.1013 CVEs
0.13-dev-0.1113 CVEs
0.13-dev-0.1213 CVEs
0.13-dev-0.1313 CVEs
0.13-dev-0.1413 CVEs
0.13-dev-0.1513 CVEs
0.13-dev-0.1613 CVEs
0.13-dev-0.1713 CVEs
0.13-dev-0.1813 CVEs
0.13-dev-0.413 CVEs
0.13-dev-0.513 CVEs
0.13-dev-0.613 CVEs
0.13-dev-0.713 CVEs
0.13-dev-0.813 CVEs
0.13-dev-0.913 CVEs
v0.10.013 CVEs
v0.11.013 CVEs
v0.12.013 CVEs
v0.12.113 CVEs
v0.12.213 CVEs
v0.12.313 CVEs
v0.12.413 CVEs
v0.13.013 CVEs
v0.14.013 CVEs
v0.313 CVEs
v0.413 CVEs
v0.513 CVEs
v0.5.113 CVEs
v0.6.013 CVEs
v0.7.013 CVEs
v0.8.013 CVEs
v0.8.113 CVEs
v0.8.213 CVEs
v0.9.013 CVEs
v1.0.013 CVEs
v1.1.012 CVEs
v1.2.012 CVEs
v1.3.012 CVEs
v1.4.012 CVEs
v1.5.012 CVEs
v1.6.012 CVEs
v1.7.011 CVEs
v1.7.0-rc110 CVEs
v1.7.0-rc210 CVEs
v1.7.0-rc310 CVEs
v1.7.0-rc410 CVEs
v1.7.0-rc510 CVEs
v1.7.0-rc610 CVEs
v1.7.0-rc710 CVEs
v1.7.0-rc810 CVEs
v1.7.0-rc910 CVEs
v2.1.1010 CVEs
v2.1.810 CVEs
v2.1.910 CVEs
v2.2.010 CVEs
v2.2.110 CVEs
tiger-2.0.9-dev-202301049 CVEs
v2.0.79 CVEs
v2.0.89 CVEs
v2.0.99 CVEs
v2.1.09 CVEs
v2.1.0-rc19 CVEs
v2.1.0-rc29 CVEs
v2.1.19 CVEs
v2.1.29 CVEs
v2.1.39 CVEs
v2.1.49 CVEs
v2.1.59 CVEs
v2.1.5-windows-artifact-fix9 CVEs
v2.1.69 CVEs
v2.1.79 CVEs
v2.2.29 CVEs
ci-release-test8 CVEs
unstable8 CVEs
unstable-master8 CVEs
v1.8.08 CVEs
v1.8.0-rc18 CVEs
v1.9.08 CVEs
v1.9.0-ci-test-18 CVEs
v1.9.0-rc18 CVEs
v1.9.0-rc28 CVEs
v1.9.0-rc38 CVEs
v1.9.0-rc48 CVEs
v1.9.18 CVEs
v1.9.28 CVEs
v1.9.38 CVEs
v1.9.48 CVEs
v1.9.58 CVEs
v1.9.68 CVEs
v2.0.08 CVEs
v2.0.0-rc18 CVEs
v2.0.0-rc28 CVEs
v2.0.0-rc38 CVEs
v2.0.0pre8 CVEs
v2.0.18 CVEs
v2.0.28 CVEs
v2.0.38 CVEs
v2.0.48 CVEs
v2.0.58 CVEs
v2.0.68 CVEs
v3.0.08 CVEs
v3.0.18 CVEs
v3.0.28 CVEs
v3.0.38 CVEs
v3.0.47 CVEs
v3.0.57 CVEs
v3.0.67 CVEs
v3.1.07 CVEs
v3.1.17 CVEs
v3.1.27 CVEs
v3.1.37 CVEs
v3.1.47 CVEs
v3.1.57 CVEs
v3.1.67 CVEs
v3.1.77 CVEs
v3.2.05 CVEs
v3.2.15 CVEs
v3.2.25 CVEs
v3.2.35 CVEs
v3.2.45 CVEs
v4.0.05 CVEs
v4.0.15 CVEs
v4.0.25 CVEs
v4.0.35 CVEs
v4.0.45 CVEs
v4.1.05 CVEs
v1.7.13 CVEs
v3.1.82 CVEs
v3.1.92 CVEs
v1.0.11 CVE
v1.0.21 CVE
v1.0.31 CVE
v1.0.41 CVE
v1.6.11 CVE
v1.6.101 CVE
v1.6.21 CVE
v1.6.31 CVE
v1.6.41 CVE
v1.6.51 CVE
v1.6.61 CVE
v1.6.71 CVE
v1.6.81 CVE
v1.6.91 CVE
v1.7.21 CVE
v1.7.31 CVE
v1.7.41 CVE

Fixed in

22346a74c07ceb90296be872be2d53eb92252a541 CVE
626b22f1dff69c155a2d84df7625c58b78881eeb1 CVE
7de2c45227468b51d6337141efbe2827dc48ea5f1 CVE
9311b43a258352797af40749ab31a63c32acfd041 CVE
be238e162cf97669fa3be3bfb6c7830a8dc6ce9d1 CVE
cadff53c093210404aed01c4cf586adb8caa07af1 CVE
eeea396e88da26f586a7cc39df8017ab97f069391 CVE

Find a version

16 CVEs

Sort

CVE-2025-12978
CVE-2025-12978
Patch
Medium · CVSS 5.4
EPSS 0.3% (51th pct)2025-11-24
CVE-2025-12969
CVE-2025-12969
Patch
Medium · CVSS 6.5
EPSS 0.1% (27th pct)2025-11-24
CVE-2025-12972
CVE-2025-12972
Patch
Medium · CVSS 5.3
EPSS 0.1% (28th pct)2025-11-24
CVE-2025-12977
CVE-2025-12977
Patch
CWE-1287
Critical · CVSS 9.1
EPSS 0.1% (27th pct)2025-11-24
CVE-2025-12970
CVE-2025-12970
Patch
High · CVSS 8.8
EPSS 0.2% (41th pct)2025-11-24
High vulnerability · 2025-02-18
CVE-2024-50609
Patch
CWE-476
High · CVSS 7.5
EPSS 0.7% (72th pct)2025-02-18
High vulnerability · 2025-02-18
CVE-2024-50608
Patch
CWE-476
High · CVSS 7.5
EPSS 1.0% (77th pct)2025-02-18
Critical vulnerability · 2024-05-20
CVE-2024-4323
Patch
CWE-122
Critical · CVSS 9.8
EPSS 84.6% (99th pct)2024-05-20
High vulnerability · 2024-03-26
CVE-2024-23722
Public exploit
Patch
CWE-476
High · CVSS 7.5
EPSS 0.9% (76th pct)2024-03-26
High vulnerability · 2024-02-26
CVE-2024-26455
Public exploit
Patch
CWE-416
High · CVSS 7.5
EPSS 0.1% (21th pct)2024-02-26
High vulnerability · 2023-04-11
CVE-2021-46879
Public exploit
Patch
CWE-787
High · CVSS 7.8
EPSS 0.1% (21th pct)2023-04-11
High vulnerability · 2023-04-11
CVE-2021-46878
Public exploit
Patch
CWE-843
High · CVSS 7.8
EPSS 0.1% (23th pct)2023-04-11
Critical vulnerability · 2021-07-01
CVE-2021-36088
Patch
CWE-415
Critical · CVSS 9.8
EPSS 0.5% (67th pct)2021-07-01
Vulnerability · 2021-02-10
CVE-2021-27186
Patch
Unscored
EPSS 0.4% (62th pct)2021-02-10
Vulnerability · 2021-01-03
CVE-2020-35963
Patch
Unscored
EPSS 0.4% (60th pct)2021-01-03
Vulnerability · 2019-03-13
CVE-2019-9749
Unscored
EPSS 1.0% (77th pct)2019-03-13

Severity and exploitation

fluent fluent-bit Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other fluent products

Frequently asked questions

How many CVEs does fluent fluent-bit have?

How many fluent fluent-bit CVEs are in CISA KEV?

Are there public exploits for fluent fluent-bit vulnerabilities?

Which versions of fluent fluent-bit are affected?

What are the most common weakness types in fluent fluent-bit CVEs?

How many critical fluent fluent-bit vulnerabilities are there?

What is the average severity of fluent fluent-bit CVEs?

References

Track fluent fluent-bit vulnerabilities