CVE-2026-11746

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

CVE-2026-11746

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

CVE-2026-11746

CVE-2026-11746 affects centraldogma-server versions prior to 0.84.0. If ZooKeeper replication is enabled without setting replication.secret, the server falls back to a hard-coded, publicly known secret that authenticates the embedded ZooKeeper ensemble. This allows an attacker with network access...

EUVD-2026-38207

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

ROOT-APP-MAVEN-CVE-2026-24308 CVE-2026-24308 in io.root.org.apache.zookeeper:zookeeper - Patched by Root

Root has patched CVE-2026-24308 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-51504 CVE-2024-51504 in io.root.org.apache.zookeeper:zookeeper - Patched by Root

Root has patched CVE-2024-51504 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-23944 CVE-2024-23944 in io.root.org.apache.zookeeper:zookeeper - Patched by Root

Root has patched CVE-2024-23944 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-24281 CVE-2026-24281 in io.root.org.apache.zookeeper:zookeeper - Patched by Root

Root has patched CVE-2026-24281 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-58457 CVE-2025-58457 in io.root.org.apache.zookeeper:zookeeper - Patched by Root

Root has patched CVE-2025-58457 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...

CLEANSTART-2026-AO11810 Netty is an asynchronous, event-driven network application framework

Multiple security vulnerabilities affect the apache-zookeeper package. Netty is an asynchronous, event-driven network application framework. See references for individual vulnerability details...

CLEANSTART-2026-HW72470 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4

Security vulnerability affects the apache-zookeeper package. This issue is resolved in later releases. See references for vulnerability details...

CLEANSTART-2026-CC73064 In Eclipse Jetty, the HTTP/1

Multiple security vulnerabilities affect the apache-zookeeper package. In Eclipse Jetty, the HTTP/1. See references for individual vulnerability details...

CLEANSTART-2026-GB30250 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data. The Kryo-based persistence serializers KryoStateMachineSerialisationService / AbstractKryoStateMachineSerialisationService deserialise persisted state-machine contexts without enabling...

GHSA-W573-9FFJ-6FF9 vulnerabilities

Vulnerabilities for packages: management-api-for-apache-cassandra-4.1, apache-activemq-artemis, management-api-for-apache-cassandra-5.0, solr, trino, seata, apache-nifi, keycloak-fips, spark-kubernetes-operator, cassandra, request-9047-keycloak-fips, airbyte-server-fips, camunda, localstack,...

CVE-2026-45536 vulnerabilities

Vulnerabilities for packages: management-api-for-apache-cassandra-4.1, apache-activemq-artemis, management-api-for-apache-cassandra-5.0, solr, trino, seata, apache-nifi, keycloak-fips, spark-kubernetes-operator, cassandra, request-9047-keycloak-fips, airbyte-server-fips, camunda, localstack,...

CLEANSTART-2026-RR82368 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-2332, CVE-2026-24515, CVE-2026-25210, CVE-2026-25646, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5, 3.7.2-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-CH17958 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-SZ14466 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5, 3.7.2-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-HZ03319 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6

Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...