Lucene search
K

9 matches found

OSV
OSV
added 2026/06/05 5:43 a.m.9 views

BIT-KAFKA-2026-41115 Apache Kafka: Improper Authorization in CONSUMER_GROUP_DESCRIBE API

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

4.3CVSS5.4AI score0.00288EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/03 2:24 a.m.20 views

SUSE CVE-2026-41115

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References3
NVD
NVD
added 2026/06/02 10:16 a.m.19 views

CVE-2026-41115

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

4.3CVSS0.00288EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 8:56 a.m.11 views

CVE-2026-41115 Apache Kafka: Improper Authorization in CONSUMER_GROUP_DESCRIBE API

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

5.8AI score0.00288EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 8:56 a.m.9 views

CVE-2026-41115

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

5.8AI score0.00288EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/02 8:56 a.m.11 views

EUVD-2026-33904

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 8:56 a.m.242 views

CVE-2026-41115

Summary: CVE-2026-41115 describes an improper authorization issue in Apache Kafka related to the CONSUMER_GROUP_DESCRIBE API. The vulnerability discussion notes a discrepancy between ACLs and documented permissions, but states that the correct permission for the API is DESCRIBE GROUP and that the...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Apache Kafka 安全漏洞

Apache Kafka is an open-source distributed streaming platform developed by the Apache Foundation in the United States. This platform enables the acquisition of real-time data, allowing for the creation of applications that can respond instantly to changes in data streams. There is a security...

4.3CVSS5.4AI score0.00288EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.28 views

PT-2026-45725

Name of the Vulnerable Software and Affected Versions Apache Kafka affected versions not specified Description An improper authorization issue exists in the 'CONSUMER GROUP DESCRIBE' 69 API. The implementation validates the DESCRIBE operation on the GROUP resource, which contradicts the READ...

4.3CVSS5.8AI score0.00288EPSS
Exploits0References7
Rows per page
Query Builder