VDB
CVE-2025-68383
CVE-2025-68383
PUBLISHED
CVSS 6.5 MEDIUM
Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration
EPSS 0.03% · 9.4th percentile
Risk Scores
CVSS v3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.03%
9.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| elastic | filebeat | 8.0.0, 9.0.0, 9.2.0 |
| github.com | elastic/beats/v7 | 9.0.0, 7.7.0, 9.0.0 |
| github.com | elastic/beats | 0, 0 |
| Elastic | Filebeat | 9.0.0, 9.2.0, 7.0.0 |
Timeline
- Dec 18, 2025 CVE Published
- Dec 19, 2025 CVE Updated
- Dec 19, 2025 EPSS Score
- Dec 19, 2025 PoC Published
- Dec 23, 2025 EPSS Score
- Dec 27, 2025 EPSS Score
- Dec 30, 2025 EPSS Score
- Jan 3, 2026 EPSS Score
- Jan 7, 2026 EPSS Score
- Jan 11, 2026 EPSS Score
- Jan 15, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
References
- https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186 advisory
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182 advisory
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-31/384179 advisory
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-30/384178 advisory
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-36/384184 advisory
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-35/384183 advisory
- https://discuss.elastic.co/t/filebeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-32/384180 advisory
- https://discuss.elastic.co/t/elasticsearch-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-33/384181 advisory
- https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187 advisory
- https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-37/384185 advisory
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-68383 advisory
- https://github.com/elastic/beats/commit/27a168fb1c598d4a16748e9a7382bc0d197335a5 url
- https://github.com/elastic/beats/commit/2f971a057eea68e057b47829950cd8c26805df30 url
- https://github.com/elastic/beats/commit/339fa3f887a14c91e0c955b50a3b8819393bd632 url
- https://github.com/elastic/elasticsearch package