CVE reporting
This page hosts all known information about any security issues, mitigations and triaged CVEs.
Please reach out to us at info@telemetryforge.io directly for any specific concerns or queries.
Triaged Security Vulnerabilities
This document lists all triaged security vulnerabilities along with their VEX status.
A VEX document is available to download for automation.
| CVE |
Status |
Notes |
| CVE-2023-2953 |
Not Affected |
Fluent Bit does not use this component directly or in the way affected in the CVE. |
Known agent vulnerabilities
High and critical vulnerabilities not triaged for the latest version (ghcr.io/telemetryforge/agent:26.4.4) of the agent are shown below, as reported by Grype.
| Package |
Version Installed |
Vulnerability ID |
Severity |
| libcap |
2.48-10.el9 |
CVE-2026-4878 |
High |
All agent and OSS versions
Full unfiltered reports are shown below, covering all severities and without any filtering for triaged issues.
Agent Version: 25.10.1
Agent Version: 25.10.10
Agent Version: 25.10.11
Agent Version: 25.10.12
Agent Version: 25.10.13
Agent Version: 25.10.19
Agent Version: 25.10.2
Agent Version: 25.10.21
Agent Version: 25.10.22
Agent Version: 25.10.23
Agent Version: 25.10.24
Agent Version: 25.10.3
Agent Version: 25.10.4
Agent Version: 25.10.5
Agent Version: 25.10.6
Agent Version: 25.10.7
Agent Version: 25.10.8
Agent Version: 25.10.9
Agent Version: 25.11.1
Agent Version: 25.11.2
Agent Version: 25.12.1
Agent Version: 25.12.2
Agent Version: 25.12.3
Agent Version: 25.12.4
Agent Version: 25.12.5
Agent Version: 26.1.1
Agent Version: 26.2.4
Agent Version: 26.3.3
Agent Version: 26.3.4
Agent Version: 26.3.5
Agent Version: 26.4.1
Agent Version: 26.4.2
Agent Version: 26.4.3
Agent Version: 26.4.4
Oss Version: 4.0.13
Oss Version: 4.0.14
Oss Version: 4.1.0
Oss Version: 4.1.1
Oss Version: 4.1.2
Oss Version: 4.2.0
Oss Version: 4.2.1
Oss Version: 4.2.2
Oss Version: 4.2.3
Oss Version: 4.2.4
Oss Version: 5.0.0
Oss Version: 5.0.1
Oss Version: 5.0.2
Oss Version: 5.0.3