CVE-2026-27133 Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...

CVE-2025-66623 Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands th...

Strimzi 安全漏洞

Strimzi is a program from the Strimzi open source that allows running Apache Kafka clusters on Kubernetes in various deployment configurations. A security vulnerability exists in Strimzi versions 0.47.0 through prior to 0.49.1, which stems from the creation of incorrect Kubernetes roles and could...

Strimzi Security Vulnerability

Strimzi is a program from the Strimzi open source that allows running Apache Kafka clusters on Kubernetes in various deployment configurations. A security vulnerability exists in Strimzi 0.41.0 and earlier versions, which stems from incorrect access control in the Kafka Connect REST API, allowing...