CVE-2025-27818 | Apache Kafka up to 3.9.0 SASL JAAS LdapLoginModule privilege escalation

Inserito da Angelo Barbosa | Giu 9, 2025 | CVE

A vulnerability has been found in Apache Kafka up to 3.9.0 and classified as critical. This vulnerability affects unknown code of the component SASL JAAS LdapLoginModule Handler. The manipulation leads to privilege escalation.

This vulnerability was named CVE-2025-27818. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27818 | Apache Kafka up to 3.9.0 SASL JAAS LdapLoginModule privilege escalation

Post correlati

CVE-2023-41826 | Motorola Device Help App prior 2023-12-01 implicit intent

CVE-2023-6906 | Totolink A7100RU 7.4cu.2313_B20191024 HTTP POST Request cstecgi.cgi main flag buffer overflow

CVE-2025-22635 | Jyothis Joy Eventer Plugin up to 3.9.8 on WordPress cross site scripting

CVE-2024-4728 | Campcodes Legal Case Management System 1.0 /admin/court court_name cross site scripting