
CVE-2026-5562: Kafka-UI Code Injection (0.7.0-0.7.2)

Platform

java

Component

provectus/kafka-ui

CVE-2026-5562 is a code injection vulnerability in provectus kafka-ui versions 0.7.0 through 0.7.2. The flaw resides in the validateAccess function of the /api/smartfilters/testexecutions endpoint and enables remote attackers to inject malicious code. Because an exploit is publicly available, immediate action is recommended to mitigate potential risks. No official patch has been released at the time of publication.

How to fix

No official patch available. Check for workarounds or monitor for updates.

Frequently asked questions

What is CVE-2026-5562?

CVE-2026-5562 is a code injection vulnerability affecting provectus kafka-ui versions 0.7.0 to 0.7.2. Attackers can exploit this flaw to inject arbitrary code through the /api/smartfilters/testexecutions endpoint.

Am I affected by CVE-2026-5562?

You are potentially affected if you are using provectus kafka-ui versions 0.7.0, 0.7.1, or 0.7.2. The vulnerability is remotely exploitable and a public exploit exists.

How can I fix or mitigate CVE-2026-5562?

Currently, no official patch is available for CVE-2026-5562. Mitigation strategies include isolating the affected system, restricting network access to the /api/smartfilters/testexecutions endpoint, and closely monitoring for suspicious activity.
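
One way to carry out the monitoring step is shown below. This is an added example, not code from the advisory or from the kafka-ui project. It scans access-log lines for requests that reach the endpoint under any spelling of the path. The log format (Common/Combined Log Format written by a reverse proxy in front of kafka-ui), the function names and the sample lines are assumptions made for the illustration.

```python
import re
from collections import Counter
from posixpath import normpath
from urllib.parse import unquote

ENDPOINT = "/api/smartfilters/testexecutions"  # path named in the advisory

# Assumption: the proxy in front of kafka-ui writes Common/Combined Log Format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def canonical_path(target):
    """Reduce a request target to one comparable spelling of its path."""
    path = target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(2):  # undo single and double percent-encoding
        path = unquote(path)
    # Drop ";param" suffixes on each segment, then collapse //, /./ and /../
    path = "/".join(seg.split(";", 1)[0] for seg in path.split("/"))
    return normpath("/" + path.lstrip("/")).lower()

def find_hits(lines):
    """Return (ip, timestamp, method, status, raw_target) per request to ENDPOINT."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        # endswith() also catches deployments served under a path prefix
        if m and canonical_path(m["target"]).endswith(ENDPOINT):
            hits.append((m["ip"], m["ts"], m["method"], int(m["status"]), m["target"]))
    return hits

def summarize(hits):
    """Count matching requests per source address."""
    return Counter(hit[0] for hit in hits)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2026:10:00:00 +0000] "GET /api/clusters HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.7 - - [01/Jan/2026:10:00:05 +0000] "PUT /api/smartfilters/testexecutions HTTP/1.1" 200 87 "-" "-"',
    '198.51.100.7 - - [01/Jan/2026:10:00:06 +0000] "PUT /api//smartfilters/%74estexecutions/ HTTP/1.1" 200 87 "-" "-"',
    '203.0.113.5 - - [01/Jan/2026:10:01:00 +0000] "POST /kafka/api/smartfilters/./testexecutions;v=1?x=1 HTTP/1.1" 403 0 "-" "-"',
    '192.0.2.10 - - [01/Jan/2026:10:02:00 +0000] "GET /api/smartfilters HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
    print(summarize(find_hits(SAMPLE_LOG)))
```

The same canonical form should be the basis of any network-level restriction on the endpoint, so that the block and the alert agree on what counts as a request to it.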
