spring Spring For Apache Kafka Vulnerabilities

Spring Spring For Apache Kafka vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

9 June 2026

In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization
CVE-2026-41731
SpringSpring For Apache Kafka8.1HIGH
In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior
CVE-2026-41727
SpringSpring For Apache Kafka6.5MEDIUM
In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header
CVE-2026-41726
SpringSpring For Apache Kafka6.5MEDIUM

24 August 2023

Java Deserialization vulnerability in Spring-Kafka When Improperly Configured
CVE-2023-34040
SpringSpring For Apache Kafka👾🟡EPSS 21%📰5.3MEDIUM