CVE-2026-33557 — Vulnetix

CVE-2026-33557 PUBLISHED CVSS 9.100000381469727 CRITICAL

De multiples vulnérabilités ont été découvertes dans Apache Kafka. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

EPSS 0.22% · 45.0th percentile

Risk Scores

CVSS v3.1

9.100000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS Score

0.22%

45.0th percentile

Affected Products

Vendor	Product	Versions
Apache	Kafka
Apache	Kafka Clients
Apache Software Foundation	Apache Kafka	4.1.0

Timeline

Apr 17, 2026 PoC Published
Apr 20, 2026 CVE Published
Apr 20, 2026 PoC Published
Apr 20, 2026 PoC Published
Apr 21, 2026 Security Advisory
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score

References

https://kafka.apache.org/cve-list vendor-advisory
https://lists.apache.org/thread/v57o00hm6yszdpdnvqx2ss4561yh953h mailing-list
http://www.openwall.com/lists/oss-security/2026/04/17/2 url
https://nvd.nist.gov/vuln/detail/CVE-2026-33557 advisory
https://kafka.apache.org/community/cve-list/ advisory

Open in Interactive Console →