CVE-2026-27133 Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...

CVE-2026-27133

Summary: Strimzi Kafka Connect and Kafka MirrorMaker 2 operands on Kubernetes/OpenShift trust every CA in a multi-CA chain when configured as trusted certificates (versions 0.47.0–0.50.0). This allows certificates signed by any CA in the chain to be accepted when connecting to brokers, potentiall...