Skip to main content

Fluentd CVE-2026-44161

HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-06-26 https://github.com/fluent/fluentd GHSA-72f5-rr8c-r6gr
7.2
CVSS 3.1 · Vendor: https://github.com/fluent/fluentd
Share

Severity by source

Vendor (https://github.com/fluent/fluentd) PRIMARY
7.2 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
vuln.today AI
5.4 MEDIUM

Network and unauthenticated with no UI, but AC:H because exploitation requires a non-default dynamic-hostname out_http config; scope change for SSRF into other systems, limited confidentiality/availability impact, no integrity impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:N

Primary rating from Vendor (https://github.com/fluent/fluentd).

CVSS VectorVendor: https://github.com/fluent/fluentd

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
Low

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 26, 2026 - 17:22 vuln.today
Analysis Generated
Jun 26, 2026 - 17:22 vuln.today

DescriptionCVE.org

The out_http output plugin allows the use of placeholders (such as ${tag}) in the endpoint configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by Fluentd.

Impact

This vulnerability allows for a Server-Side Request Forgery (SSRF) attack. An unauthenticated attacker can force the Fluentd node to send HTTP requests to arbitrary internal services. This can lead to unauthorized access to internal APIs, data exfiltration, or the compromise of cloud metadata endpoints (e.g., AWS IMDS 169.254.169.254).

Patches

v1.19.3

Workarounds

If an immediate upgrade is not possible, users are strongly advised to apply the following mitigations:

  1. Avoid Dynamic Hostnames
  • Do not use the placeholder in the endpoint parameter as hostname.
  1. Restrict Network Access
  • Use firewall rules (e.g., iptables, AWS Security Groups) to block the Fluentd node from accessing sensitive internal IP addresses, specifically the cloud provider's metadata service and other internal microservices that Fluentd does not explicitly need to access.
  1. Restrict allowed hosts
  • Inject filter to accept allowed hosts in placeholders explicitly if possible.

AnalysisAI

{tag}) whose value is derived from untrusted log data, an attacker who can influence that data forces the Fluentd node to call arbitrary internal services. There is no public exploit identified at time of analysis, but the upstream fix is shipped in v1.19.3 (PR #5394 adds strict host validation for dynamic endpoints).

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify Fluentd with dynamic out_http endpoint
Delivery
Inject crafted log event with malicious tag/record
Exploit
Placeholder expands to attacker-chosen host
Execution
Fluentd issues SSRF request to internal target
Persist
Reach cloud metadata or internal API
Impact
Exfiltrate credentials or sensitive data

Vulnerability AssessmentAI

Exploitation Requires the out_http output plugin to be configured with a placeholder (e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L, base 7.2) presents this as network-reachable, low-complexity, unauthenticated, with a scope change reflecting that the SSRF reaches systems beyond Fluentd itself. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A Fluentd aggregator is configured with an out_http endpoint such as http://${tag}/ingest to dynamically route logs. An attacker submits crafted log events whose tag (or record field) resolves to 169.254.169.254, causing Fluentd to request the cloud metadata endpoint and potentially leak IAM credentials, or to reach an internal admin API otherwise unexposed. …
Remediation Upgrade to Fluentd 1.19.3, which adds strict host validation for dynamic out_http endpoints (upstream PR https://github.com/fluent/fluentd/pull/5394); this is a tagged release, so apply Vendor-released patch: 1.19.3 as the primary fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: identify all Fluentd instances and versions across production and development environments. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-44161 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy