Skip to main content

Fluentd CVE-2026-44025

HIGH
Information Exposure (CWE-200)
2026-06-26 https://github.com/fluent/fluentd GHSA-pr7j-96cj-549h
7.5
CVSS 3.1 · Vendor: https://github.com/fluent/fluentd
Share

Severity by source

Vendor (https://github.com/fluent/fluentd) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
5.9 MEDIUM

Network-reachable and unauthenticated (AV:N/PR:N), but AC:H because exposure depends on a non-default reachable port and on plugins storing secrets in instance variables; high confidentiality loss only, no integrity or availability impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/fluent/fluentd).

CVSS VectorVendor: https://github.com/fluent/fluentd

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 26, 2026 - 17:20 vuln.today
Analysis Generated
Jun 26, 2026 - 17:20 vuln.today

DescriptionCVE.org

Fluentd's Monitor Agent plugin (in_monitor_agent) exposes internal metrics and plugin information via a REST API. It was discovered that the API response (/api/plugins.json and related endpoints) unintentionally includes internal instance variables of loaded plugins.

If any plugins store sensitive information-such as database passwords, API keys, or cloud credentials-in its instance variables, this information may be exposed in plain text to any user or system that has HTTP access to the Monitor Agent API.

Impact

This vulnerability allows for unauthorized information disclosure. An attacker who can reach the Monitor Agent API port (default: 24220) can potentially extract sensitive credentials used by other Fluentd plugins. The impact severity depends highly on the network configuration (whether the Monitor Agent port is exposed to untrusted networks) and the specific plugins configured in the Fluentd instance.

Patches:

v1.19.3

Workarounds

If usesrs cannot immediately update Fluentd to the patched version, they can mitigate this risk by strictly controlling access to the Monitor Agent port.

Ensure the Monitor Agent is only bound to localhost (127.0.0.1) rather than 0.0.0.0.

<source>
  @type monitor_agent
  bind 127.0.0.1
  port 24220
</source>

Use firewall rules (e.g., iptables, AWS Security Groups) to block access to the Monitor Agent port (24220) from untrusted networks or instances.

AnalysisAI

Sensitive information disclosure in Fluentd's Monitor Agent plugin (in_monitor_agent) at versions <= 1.19.2 allows anyone with HTTP access to the metrics API (default TCP port 24220) to read internal instance variables of loaded plugins via /api/plugins.json and related endpoints. Because plugins frequently hold database passwords, API keys, and cloud credentials in instance variables, those secrets can be returned in plain text to unauthenticated callers. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach Monitor Agent on port 24220
Delivery
GET /api/plugins.json
Exploit
Parse exposed plugin instance variables
Execution
Extract plaintext credentials
Impact
Reuse keys to access backend systems

Vulnerability AssessmentAI

Exploitation Exploitation requires two concrete conditions drawn from the advisory: (1) network reachability to the in_monitor_agent HTTP API on its default port 24220 - if the agent is bound only to 127.0.0.1 or the port is firewalled, remote exploitation is not possible; and (2) at least one loaded Fluentd plugin must store sensitive values (DB passwords, API keys, cloud credentials) in its Ruby instance variables, since the leak only exposes whatever those variables contain. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The published CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (7.5, High) treats this as trivially exploitable network-reachable credential disclosure, which is accurate when the agent is bound to a routable interface. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach a Fluentd host's Monitor Agent on TCP 24220 (for example, because it was bound to 0.0.0.0 and is reachable from an adjacent subnet or the internet) simply issues an HTTP GET to /api/plugins.json. The response includes the internal instance variables of loaded output plugins, from which the attacker harvests plaintext database passwords or cloud API keys and then reuses them to pivot into the backing datastores or cloud accounts. …
Remediation Vendor-released patch: upgrade Fluentd to 1.19.3 or later (https://github.com/fluent/fluentd/releases/tag/v1.19.3), which changes the default visibility of config, retry, and debug information returned by in_monitor_agent (PR #5392). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Fluentd instances running v1.19.2 or earlier and determine which are accessible on port 24220 (Monitor Agent default). …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-44025 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy