{question}
Has SingleStore been affected by the recent FluentBit vulnerabilities (CVE-2025-12972, CVE-2025-12970, CVE-2025-12978, CVE-2025-12977 and CVE-2025-12969)?
{question}
{answer}
In November 2025, FluentBit was found to have five vulnerabilities that allow attackers to overwrite files, cause buffer overflows, spoof or inject malicious tags, and bypass authentication in certain input plugins. Together, these flaws can enable log tampering, fake telemetry, denial of service, or even remote code execution. The affected CVEs are CVE-2025-12972, CVE-2025-12970, CVE-2025-12978, CVE-2025-12977 and CVE-2025-12969.
SingleStore does leverage FluentBit as part of its audit log forwarding feature and was identified to be using a vulnerable version through the singlestore/operator. We’ve taken steps to immediately patch the affected software.
If you’re a SingleStore Helios customer, the singlestore/operator patch will be available automatically, with no action necessary from you.
If you’re running SingleStore self-managed and using singlestore/operator in your deployment, we advise you to upgrade singlestore/operator to the latest patched version (v4.99.0).
{answer}