Vulnerability DatabaseCVE-2025-68383

CVE-2025-68383:
Filebeat vulnerability analysis and mitigation

Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog message or a malicious tokenizer pattern in the Dissect configuration.

Source: NVD

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

6.5

Score

Published December 18, 2025

Severity MEDIUM

CNA Score 6.5

Affected Technologies

Filebeat
Chainguard

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 8.8

Exploitation Probability (EPSS) N/A

Affected packages and libraries

github.com/elastic/beats/v7
filebeat

Sources

NVD
Chainguard
- Chainguard Has FixAdded at: Dec 26, 2025
GitHub Advisory Database
- GoLang Severity MEDIUMHas FixAdded at: Dec 22, 2025
Homebrew
- Homebrew Severity MEDIUMHas FixAdded at: Dec 26, 2025
Nix
- Nix Severity MEDIUMHas FixAdded at: Dec 26, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Filebeat vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2024-41110	CRITICAL	9.9	cAdvisor	prometheus-2.51	No	Yes	Jul 24, 2024
CVE-2024-34158	HIGH	7.5	cAdvisor	openshift4::ose-cluster-cloud-controller-manager-rhel9-operator@sha256:42b9bd87e28c0ae8ac1dd12de1475c9a81cab0a1279bae9b94c7aa101d2cb2a6_ppc64le	No	Yes	Sep 06, 2024
CVE-2024-34156	HIGH	7.5	cAdvisor	openshift4::ose-machine-api-provider-gcp-rhel9@sha256:52dc5b3ed815d78fa1dc1f41608306d9283a6f8fa4f406e8524337983bd0a25b_ppc64le	No	Yes	Sep 06, 2024
CVE-2025-68383	MEDIUM	6.5	Filebeat	github.com/elastic/beats/v7	No	Yes	Dec 18, 2025
CVE-2024-34155	MEDIUM	4.3	cAdvisor	kubernetes-csi-external-resizer-fips-1.8	No	Yes	Sep 06, 2024