CVE-2025-49127

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-49127

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-49127.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-49127

Aliases

GHSA-g3mf-c374-fgh2

Published

2025-06-06T21:15:23Z

Modified

2025-06-07T10:12:13.635964Z

Summary

[none]

Details

Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. Version 1.1.0 fixes the issue.

References

https://github.com/kafbat/kafka-ui/security/advisories/GHSA-g3mf-c374-fgh2
https://github.com/kafbat/kafka-ui/releases/tag/v1.1.0

Affected packages

Git / github.com/kafbat/kafka-ui

Affected ranges

Type: GIT
Repo: https://github.com/kafbat/kafka-ui
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4cf17a0b2b17bdebd533caffd06978180b29c0ab

Affected versions

v1.*

v1.0.0