Where
-Infinity
0

Trending

Last week
Last month
Last year

Apache KafkaApache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Risk 30
Severity
5.3
First published (updated )
CVE-2026-33558

Apache KafkaApache Kafka: Missing JWT token validation in OAUTHBEARER authentication

Risk 70
Severity
9.1
First published (updated )
CVE-2026-33557

Apache KafkaRace Condition

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2455916

Apache KafkaSSRF

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2371367

Apache KafkaIn CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule confi…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2371365
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache KafkaA possible security vulnerability has been identified in Apache Kafka. This requires access to a alt…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2371368

maven/org.apache.kafka:kafkaApache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration

Risk 84
Severity
8.8
First published (updated )
CVE-2025-27819

IBM Guardium Data ProtectionApache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration

Risk 85
Severity
8.8
First published (updated )
CVE-2025-27818

IBM Guardium Data ProtectionApache Kafka Client: Arbitrary file read and SSRF vulnerability

Risk 47
Severity
7.5
First published (updated )
CVE-2025-27817

Apache KafkaImportant: Streams for Apache Kafka 2.9.0 release and security update

Risk 32
First published (updated )
Advisory
RHSA-2025:2416
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache KafkaIncorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue …

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2333013

Apache KafkaApache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption

Risk 29
Severity
5.3
First published (updated )
CVE-2024-56128

Apache KafkaApache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider

Risk 41
Severity
6.5
First published (updated )
CVE-2024-31141

CVE-2024-27309: Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode

First published (updated )
https://seclists.org/oss-sec/2024/q2/105

maven/org.apache.kafka:kafka-metadataApache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode

Risk 59
Severity
7.4
First published (updated )
CVE-2024-27309
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache Software Foundation Kafka 3.6Reached end of life

EOL
Feb 27, 2024
First published (updated )
latest-version-apache-kafka-3.6

Apache Software Foundation Kafka 3.6Reached end of life

EOL
Feb 27, 2024
First published (updated )
EOL-apache-kafka-3.6

IBM Cognos AnalyticsApache Kafka Connect API: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect

Risk 84
Severity
8.8
First published (updated )
CVE-2023-25194

Apache Software Foundation Kafka 3.3Reached end of life

EOL
Feb 6, 2023
First published (updated )
EOL-apache-kafka-3.3

Apache Software Foundation Kafka 3.3Reached end of life

EOL
Feb 6, 2023
First published (updated )
latest-version-apache-kafka-3.3
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache KafkaUnauthenticated clients may cause OutOfMemoryError on Apache Kafka Brokers

Risk 46
Severity
7.5
First published (updated )
CVE-2022-34917

Oracle Financial Services Enterprise Case ManagementTiming Attack Vulnerability for Apache Kafka Connect and Clients

Risk 37
Severity
5.9
First published (updated )
CVE-2021-38153

Eclipse JettyEclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when G…

Risk 37
Severity
4.8
First published (updated )
CVE-2020-27218

Apache Software Foundation Kafka 2.6Reached end of life

EOL
Nov 15, 2021
First published (updated )
EOL-apache-kafka-2.6

Apache Software Foundation Kafka 2.6Reached end of life

EOL
Nov 15, 2021
First published (updated )
latest-version-apache-kafka-2.6
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache KafkaInfoleak

Risk 45
Severity
7.5
First published (updated )
CVE-2019-12399

Apache KafkaIn Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce requ…

Risk 79
Severity
8.8
First published (updated )
CVE-2018-17196

Apache Software Foundation Kafka 2.3Reached end of life

EOL
Dec 16, 2019
First published (updated )
EOL-apache-kafka-2.3

Apache Software Foundation Kafka 2.3Reached end of life

EOL
Dec 16, 2019
First published (updated )
latest-version-apache-kafka-2.3

Apache Software Foundation Kafka 2.2Reached end of life

EOL
Dec 1, 2019
First published (updated )
EOL-apache-kafka-2.2
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203