CVE-2026-33558

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

Sensitive Information Disclosure

Apache Kafka is vulnerable to Sensitive Information Disclosure. The vulnerability is due to logging of sensitive request and response data at DEBUG level in the NetworkClient component, which allows an attacker with log access to obtain sensitive information...

BIT-KAFKA-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

GHSA-WF66-MPHR-4C4R Apache Kafka exposes sensitive information in its DEBUG logs

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

CVE-2026-33558

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

CVE-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

CVE-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

CVE-2026-33558

CVE-2026-33558 affects Apache Kafka: the NetworkClient logs sensitive information at DEBUG level, exposing full requests/responses for certain APIs (AlterConfigsRequest, AlterUserScramCredentialsRequest, ExpireDelegationTokenRequest, IncrementalAlterConfigsRequest, RenewDelegationTokenRequest, Sa...

PT-2026-33644

Name of the Vulnerable Software and Affected Versions Apache Kafka versions prior to 3.9.2 Apache Kafka versions prior to 4.0.1 Description The NetworkClient component outputs complete request and response information when the log level is set to DEBUG. While the default log level is INFO, enabli...

Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can result in the callback being fired later, thereby causing a use-after-free when using the channel. This vulnerability can be exploited by a malicious...

EUVD-2008-5024

Malware in sbrugna...

EUVD-2015-1904

Malware in sbrugna...

EUVD-2022-37743

Malicious code in bioql PyPI...

The vulnerability of the p9_fcall_init() function in the net/9p/client.c module of the 9P protocol implementation in the Linux operating system allows a hacker to induce a service failure.

The vulnerability of the p9fcallinit function in the net/9p/client.c module of the 9P protocol implementation in the Linux operating system is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Shenzhen Libituo Technology LBT-T300-T400 安全漏洞

The Shenzhen Libituo Technology LBT-T300-T400 is an industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-T400 v.3.2, which is caused by a buffer overflow vulnerability that can be exploited by a local attacker to...

CVE-2022-34837

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon...

Debian DLA-2786-1 : nghttp2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2786 advisory. - nghttp2 version = 1.10.0 and nghttp2 = 1.31.1. CVE-2018-1000168 - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial ...

GHSA-H7QH-3H6F-W79P Unexpected panic in multihash

In versions prior 0.11.3 it's possible to make fromslice panic by feeding it certain malformed input. It's never documented that fromslice and frombytes which wraps it can panic, and its' return type Result suggests otherwise. In practice, fromslice/frombytes is frequently used in networking code...

DLL Hijacking Vulnerability in Tianyi Campus Network Client

Sky Campus Network Client is a campus broadband connection tool for students. A DLL hijacking vulnerability exists in Tianyi Campus Network Client, which can be exploited by attackers to gain server control privileges...

Unexpected panic in multihash `from_slice` parsing code

In versions prior 0.11.3 it's possible to make fromslice panic by feeding it certain malformed input. It's never documented that fromslice and frombytes which wraps it can panic, and its' return type Result suggests otherwise. In practice, fromslice/frombytes is frequently used in networking code...