CVE-2025-27819 Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration

In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apac ...

CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability

A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the br ...

CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration

A possible security vulnerability has been identified in Apache Kafka. This requires access to an alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connect ...

CVE-2025-26199

creation_timestamp | type | source
---|---|---
2025-06-10 06:57:34+00:00 | seen | ...

CVE-2025-26198

creation_timestamp | type | source
---|---|---
2025-06-10 06:56:40+00:00 | seen | ...

CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its Known Exploited Vulne ...

CVE-2025-4387

creation_timestamp | type | source
---|---|---
2025-06-10 05:24:01+00:00 | seen | ...

CVE-2025-5908

creation_timestamp | type | source
---|---|---
2025-06-10 03:56:55+00:00 | seen | ...

