PT-2025-41008 · Cubepm · Cubepm

Prassan10 · Published 2025-10-07 · Updated 2025-10-07 · CVE-2025-57564

CVSS v3.1: 8.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: CubeAPM version nightly-2025-08-01-1

Description: The software allows unauthenticated attackers to inject arbitrary log entries into production systems. This is possible through the /api/logs/insert/elasticsearch/ bulk API endpoint, which accepts bulk log data without authentication or input validation. Successful exploitation may result in false log entries, log poisoning, alert obfuscation, and potential performance degradation of the observability pipeline. The issue affects the core platform and is not limited to specific deployment configurations.

Recommendations: Apply authentication to the /api/logs/insert/elasticsearch/ bulk API endpoint. Implement input validation for data received by the /api/logs/insert/elasticsearch/ bulk API endpoint.
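One way to implement both recommendations (authentication on the bulk ingest endpoint, and validation of the bulk payload it receives), written here as an added example that is not CubeAPM's own code. It assumes a bearer-token scheme and an Elasticsearch-style NDJSON bulk body (an action line followed by a document line); the token, the size and nesting limits, and the sample payloads are constructed for the example. The validator rejects control characters inside string fields so that a single submitted record cannot be rendered as several log lines by downstream line-oriented consumers.

```python
"""Added example (not CubeAPM code): an auth-plus-validation gate for a
bulk log-ingest route, stdlib only."""
import hmac
import json
from typing import Any, Dict, List, Tuple

# Constructed secret for the example; a real deployment loads it from a secret store.
INGEST_TOKEN = "example-ingest-token-change-me"

MAX_BODY_BYTES = 1_000_000   # reject oversized bodies before parsing anything
MAX_DOCS = 500               # cap documents per bulk request
MAX_FIELD_LEN = 8_192        # cap any single string field
MAX_DEPTH = 8                # cap nesting of a log document
ALLOWED_ACTIONS = {"index", "create"}
# Control characters other than tab let one record masquerade as several log lines.
FORBIDDEN_CHARS = {chr(c) for c in range(0x20) if c != 0x09} | {"\x7f"}


def is_authenticated(headers: Dict[str, str]) -> bool:
    """Require a bearer token and compare it in constant time."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False
    return hmac.compare_digest(auth[len("Bearer "):], INGEST_TOKEN)


def _check_value(value: Any, path: str, depth: int, errors: List[str]) -> None:
    """Recursively enforce length, nesting and character rules on one document."""
    if depth > MAX_DEPTH:
        errors.append(f"{path}: nesting deeper than {MAX_DEPTH}")
        return
    if isinstance(value, str):
        if len(value) > MAX_FIELD_LEN:
            errors.append(f"{path}: string longer than {MAX_FIELD_LEN}")
        if any(ch in FORBIDDEN_CHARS for ch in value):
            errors.append(f"{path}: control character in string")
    elif isinstance(value, dict):
        for key, sub in value.items():
            if not key:
                errors.append(f"{path}: empty field name")
            _check_value(sub, f"{path}.{key}", depth + 1, errors)
    elif isinstance(value, list):
        for i, sub in enumerate(value):
            _check_value(sub, f"{path}[{i}]", depth + 1, errors)
    elif not (value is None or isinstance(value, (bool, int, float))):
        errors.append(f"{path}: unsupported value type")


def validate_bulk(body: bytes) -> Tuple[List[Dict[str, Any]], List[str]]:
    """Parse an NDJSON bulk body (action line, document line, ...) into documents."""
    errors: List[str] = []
    try:
        text = body.decode("utf-8")
    except UnicodeDecodeError:
        return [], ["body is not valid UTF-8"]
    lines = text.split("\n")
    if lines and lines[-1] == "":
        lines.pop()  # a bulk body conventionally ends with a newline
    if len(lines) % 2 != 0:
        return [], ["bulk body must consist of action/document line pairs"]
    docs: List[Dict[str, Any]] = []
    for n in range(0, len(lines), 2):
        pair = n // 2
        if pair >= MAX_DOCS:
            errors.append(f"more than {MAX_DOCS} documents in one request")
            break
        try:
            action = json.loads(lines[n])
            doc = json.loads(lines[n + 1])
        except json.JSONDecodeError as exc:
            errors.append(f"doc {pair}: malformed JSON ({exc.msg})")
            continue
        if not (isinstance(action, dict) and len(action) == 1
                and next(iter(action)) in ALLOWED_ACTIONS):
            errors.append(f"doc {pair}: action must be one of {sorted(ALLOWED_ACTIONS)}")
            continue
        if not isinstance(doc, dict):
            errors.append(f"doc {pair}: document must be a JSON object")
            continue
        _check_value(doc, f"doc {pair}", 0, errors)
        docs.append(doc)
    return docs, errors


def handle_bulk(headers: Dict[str, str], body: bytes) -> Tuple[int, Dict[str, Any]]:
    """Gate for the bulk route: authenticate, bound the body, validate, then accept."""
    if not is_authenticated(headers):
        return 401, {"error": "authentication required"}
    if len(body) > MAX_BODY_BYTES:
        return 413, {"error": "bulk body too large"}
    docs, errors = validate_bulk(body)
    if errors:
        return 400, {"error": "rejected", "details": errors}
    return 200, {"accepted": len(docs)}


# Constructed sample requests for the example.
GOOD_HEADERS = {"Authorization": "Bearer " + INGEST_TOKEN}
GOOD_BODY = (
    b'{"index":{"_index":"logs"}}\n'
    b'{"ts":"2025-10-07T10:00:00Z","level":"info","service":"checkout","message":"order 42 placed"}\n'
)
# A record whose "message" carries an embedded newline: the validator must reject it.
FORGED_BODY = (
    b'{"index":{"_index":"logs"}}\n'
    b'{"ts":"2025-10-07T10:00:01Z","level":"info","message":"ok\\nFAKE second line"}\n'
)

if __name__ == "__main__":
    print(handle_bulk({}, GOOD_BODY))            # (401, ...) no token
    print(handle_bulk(GOOD_HEADERS, GOOD_BODY))  # (200, {'accepted': 1})
    print(handle_bulk(GOOD_HEADERS, FORGED_BODY))  # (400, ...) control character
```

The gate is deliberately ordered: the cheap checks (token, body size) run before any JSON is parsed, so an unauthenticated or oversized request costs the pipeline almost nothing, which addresses the performance-degradation risk the description mentions alongside the log-poisoning one.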

Related Identifiers: CVE-2025-57564

Affected Products: Cubepm