GHSA-PR7J-96CJ-549H
Vulnerability from github – Published: 2026-06-26 16:32 – Updated: 2026-06-26 16:32Fluentd's Monitor Agent plugin (in_monitor_agent) exposes internal metrics and plugin information via a REST API.
It was discovered that the API response (/api/plugins.json and related endpoints) unintentionally includes internal instance variables of loaded plugins.
If any plugins store sensitive information—such as database passwords, API keys, or cloud credentials—in its instance variables, this information may be exposed in plain text to any user or system that has HTTP access to the Monitor Agent API.
Impact
This vulnerability allows for unauthorized information disclosure. An attacker who can reach the Monitor Agent API port (default: 24220) can potentially extract sensitive credentials used by other Fluentd plugins.
The impact severity depends highly on the network configuration (whether the Monitor Agent port is exposed to untrusted networks) and the specific plugins configured in the Fluentd instance.
Patches:
v1.19.3
Workarounds
If usesrs cannot immediately update Fluentd to the patched version, they can mitigate this risk by strictly controlling access to the Monitor Agent port.
Ensure the Monitor Agent is only bound to localhost (127.0.0.1) rather than 0.0.0.0.
<source>
@type monitor_agent
bind 127.0.0.1
port 24220
</source>
Use firewall rules (e.g., iptables, AWS Security Groups) to block access to the Monitor Agent port (24220) from untrusted networks or instances.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.19.2"
},
"package": {
"ecosystem": "RubyGems",
"name": "fluentd"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44025"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-306"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-26T16:32:57Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "Fluentd\u0027s Monitor Agent plugin (`in_monitor_agent`) exposes internal metrics and plugin information via a REST API.\nIt was discovered that the API response (`/api/plugins.json` and related endpoints) unintentionally includes internal instance variables of loaded plugins.\n\nIf any plugins store sensitive information\u2014such as database passwords, API keys, or cloud credentials\u2014in its instance variables,\nthis information may be exposed in plain text to any user or system that has HTTP access to the Monitor Agent API.\n\n### Impact\nThis vulnerability allows for unauthorized information disclosure. An attacker who can reach the Monitor Agent API port (default: `24220`) can potentially extract sensitive credentials used by other Fluentd plugins.\nThe impact severity depends highly on the network configuration (whether the Monitor Agent port is exposed to untrusted networks) and the specific plugins configured in the Fluentd instance.\n\n### Patches:\nv1.19.3\n\n### Workarounds\nIf usesrs cannot immediately update Fluentd to the patched version, they can mitigate this risk by strictly controlling access to the Monitor Agent port.\n\nEnsure the Monitor Agent is only bound to `localhost` (`127.0.0.1`) rather than `0.0.0.0`.\n\n```\n\u003csource\u003e\n @type monitor_agent\n bind 127.0.0.1\n port 24220\n\u003c/source\u003e\n```\n\nUse firewall rules (e.g., iptables, AWS Security Groups) to block access to the Monitor Agent port (`24220`) from untrusted networks or instances.",
"id": "GHSA-pr7j-96cj-549h",
"modified": "2026-06-26T16:32:57Z",
"published": "2026-06-26T16:32:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/fluent/fluentd/security/advisories/GHSA-pr7j-96cj-549h"
},
{
"type": "PACKAGE",
"url": "https://github.com/fluent/fluentd"
},
{
"type": "WEB",
"url": "https://github.com/fluent/fluentd/releases/tag/v1.19.3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Fluentd is Vulnerable to Exposure of Sensitive Information via Monitor Agent API"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.