EUVD-2026-23846

A possible security vulnerability has been identified in Apache Kafka. By default, the broker property sasl.oauthbearer.jwt.validator.class is set to org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator. It accepts any JWT token without validating its signature, issuer, or audience. A...

CVE-2026-33557

A possible security vulnerability has been identified in Apache Kafka. By default, the broker property sasl.oauthbearer.jwt.validator.class is set to org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator. It accepts any JWT token without validating its signature, issuer, or audience. A...

EUVD-2022-6146

Malicious code in bioql PyPI...

XML External Entity Reference in drools

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

CVE-2021-41411

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

CVE-2021-41411

drools =7.59.x is affected by an XML External Entity XXE vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability...

drools 代码问题漏洞

drools is KIE open source a business rules management system . Open source rules engine, DMN engine and Complex Event Processing CEP engine for Java and JVM platforms. A security vulnerability exists in drools 7.59.x and earlier versions , the vulnerability stems from the Validator class in...