pkg:Maven/org.apache.kafka:kafka-clients

7 total CVEsCRITICAL1HIGH2MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2026-33557Apache Kafka does not validate JWT tokens in its OAUTHBEARER authentication implementation
    >= 4.1.0, < 4.1.2
  • HIGH8.7CVE-2026-35554Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition
    >= 2.8.0, < 3.9.2
  • HIGH7.5CVE-2025-27817Apache Kafka Client Arbitrary File Read and Server Side Request Forgery Vulnerability
    >= 3.1.0, < 3.9.1
  • MEDIUM6.8CVE-2017-12610Improper Authentication in Apache Kafka
    >= 0.10.0.0, < 0.10.2.2
  • MEDIUM6.5CVE-2024-31141Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
    >= 2.3.0, < 3.7.1
  • MEDIUM5.9CVE-2021-38153Observable Discrepancy in Apache Kafka
    >= 2.0.0, < 2.6.3
  • MEDIUM5.3CVE-2026-33558Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output
    >= 0.11.0, < 3.9.2