2 matches found
CVE-2026-56447
MISP allowed an authenticated site administrator to set the Kafkardkafkaconfig setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...
PT-2026-51311
Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An authenticated site administrator can set the Kafka rdkafka config setting to an arbitrary filesystem path. The system parses the referenced INI file and passes its options to rdkafka. By usin...