Platform: java
Component: provectus/kafka-ui
Fixed in: 0.7.1, 0.7.2, 0.7.3 (note: 0.7.1 and 0.7.2 also fall inside the affected range stated below; 0.7.3 is the only listed release outside it)
CVE-2026-5562 describes a code injection vulnerability in provectus kafka-ui versions 0.7.0 through 0.7.2. According to the disclosure, an attacker can execute arbitrary code remotely by manipulating the validateAccess function reached through the /api/smartfilters/testexecutions endpoint. The vulnerability is rated HIGH severity, and a public exploit exists, which raises the risk of prompt exploitation. Affected users should prioritise upgrading to a patched version of provectus kafka-ui.
Successful exploitation gives the attacker code execution on the server hosting kafka-ui, which can lead to full compromise of that host: data exfiltration, modification, and denial of service. The impact reaches beyond the host itself, because kafka-ui is configured with the connection details and credentials it uses to reach the Kafka brokers it manages, so an attacker with code execution can read those and pivot into the data pipelines behind them, affecting their integrity and availability. The public exploit makes attacks against unpatched, Internet-reachable deployments the most likely scenario.
CVE-2026-5562 is publicly known and a proof-of-concept exploit is available. The vulnerability was disclosed on 2026-04-05. Note that the two exploitation indicators on this page disagree: the public proof-of-concept argues for treating exploitation as likely, while the EPSS score below (0.10%, 28th percentile) estimates a low probability of in-the-wild exploitation; a practitioner should weight the presence of a working exploit more heavily for an exposed deployment. The vendor had not responded at the time of disclosure, which raises concerns about the timeliness of future security updates. This vulnerability was not listed on CISA KEV as of the disclosure date.
Exploit Status: public proof-of-concept available
EPSS: 0.10% (28th percentile)
CISA SSVC: not provided on this page
CVSS Vector: not provided on this page
The primary mitigation for CVE-2026-5562 is to upgrade provectus kafka-ui to a version that addresses the vulnerability. The version metadata at the top of this page lists 0.7.3 as the only fixed release outside the affected range 0.7.0 through 0.7.2, so treat 0.7.3 as the minimum upgrade target and confirm it against the vendor's release notes before relying on it. Until the upgrade is done, reduce exposure at the network edge rather than trusting payload filtering: code injection into a filter-evaluation endpoint is hard to block reliably by pattern matching, so prefer to block /api/smartfilters/testexecutions outright at a reverse proxy or WAF, or restrict it to the source addresses of trusted administrators, and keep kafka-ui itself off the public Internet. Treat any request to that endpoint from an unexpected client as an incident indicator: review access logs for requests to the path, especially repeated POSTs from a single source or from non-browser user agents. Since the vendor has not responded, an independent review of the deployment is recommended.
Update to a patched version of provectus kafka-ui and refer to the vendor's release notes for specific upgrade instructions.
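The two checks recommended above, a version-range test and an access-log review, as an added example in Python. This is illustrative code written for this page, not code from the kafka-ui project. It assumes the affected range 0.7.0 through 0.7.2 stated in the description, the endpoint path /api/smartfilters/testexecutions, and a reverse proxy writing combined-format access logs (nginx or Apache style); the log lines embedded in it are constructed for the example.

```python
"""Triage helper for the kafka-ui issue described on this page (added example).

1. Decide whether a deployed kafka-ui version falls in the affected range
   0.7.0 through 0.7.2 (the range stated in the advisory text).
2. Scan reverse-proxy access logs for requests to the endpoint the advisory
   names and summarise which clients hit it and with what status.

The combined log format and the sample lines below are constructed for
illustration; point scan_access_log() at your real proxy log.
"""
import re
from collections import Counter

AFFECTED_MIN = (0, 7, 0)
AFFECTED_MAX = (0, 7, 2)   # inclusive, per the advisory text
VULN_PATH = "/api/smartfilters/testexecutions"


def parse_version(v: str) -> tuple:
    """Turn 'v0.7.1', '0.7.1-SNAPSHOT' or '0.7.1' into a comparable tuple."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version: str) -> bool:
    """True if the deployed version lies in [AFFECTED_MIN, AFFECTED_MAX]."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


# Combined log format: ip - user [time] "METHOD path HTTP/x" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def scan_access_log(lines):
    """Return Counter keyed by (ip, method, status) for requests to VULN_PATH."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                       # not a combined-format line; skip
        path = m.group("path").split("?", 1)[0]   # drop the query string
        if path == VULN_PATH or path.startswith(VULN_PATH + "/"):
            hits[(m.group("ip"), m.group("method"), int(m.group("status")))] += 1
    return hits


# Constructed sample: one browser call from an internal address and a burst
# from an external scripted client, plus unrelated requests that must not match.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Apr/2026:10:01:02 +0000] "GET /api/clusters HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [05/Apr/2026:10:01:03 +0000] "POST /api/smartfilters/testexecutions HTTP/1.1" 200 87 "-" "Mozilla/5.0"
203.0.113.9 - - [05/Apr/2026:10:07:41 +0000] "POST /api/smartfilters/testexecutions HTTP/1.1" 200 87 "-" "python-requests/2.31"
203.0.113.9 - - [05/Apr/2026:10:07:42 +0000] "POST /api/smartfilters/testexecutions HTTP/1.1" 200 87 "-" "python-requests/2.31"
203.0.113.9 - - [05/Apr/2026:10:07:43 +0000] "POST /api/smartfilters/testexecutions?x=1 HTTP/1.1" 500 0 "-" "python-requests/2.31"
198.51.100.4 - - [05/Apr/2026:10:09:00 +0000] "GET /api/smartfilters HTTP/1.1" 404 0 "-" "curl/8.0"
""".splitlines()


def triage(version: str, log_lines):
    """Combine both checks into one summary dict."""
    hits = scan_access_log(log_lines)
    by_ip = Counter()
    for (ip, _method, _status), n in hits.items():
        by_ip[ip] += n
    return {"affected": is_affected(version), "hits": hits, "by_ip": by_ip}


if __name__ == "__main__":
    result = triage("v0.7.1", SAMPLE_LOG)
    print("deployed version affected:", result["affected"])
    for ip, n in result["by_ip"].most_common():
        print(f"{ip}: {n} request(s) to {VULN_PATH}")
```

Run it against the real proxy log with the deployed version string; a client that is not a known administrator source showing up in the by_ip summary is the signal the mitigation text above asks you to look for, and the version check tells you whether the upgrade is still outstanding.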
What is CVE-2026-5562?
CVE-2026-5562 is a code injection vulnerability affecting provectus kafka-ui versions 0.7.0 through 0.7.2. It allows remote attackers to execute arbitrary code via the /api/smartfilters/testexecutions endpoint.
Am I affected?
You are affected if you run provectus kafka-ui 0.7.0 through 0.7.2 and have not upgraded. The version metadata on this page lists 0.7.3 as the only fixed release outside that range; check the vendor's release notes to confirm.
What should I do?
Upgrade provectus kafka-ui to a release outside the affected range. Until then, block or restrict /api/smartfilters/testexecutions at a reverse proxy or WAF, keep the application off the public Internet, and review access logs for requests to that endpoint.
Is there a public exploit?
Yes, a public proof-of-concept exploit is available. The EPSS score on this page (0.10%) estimates a low probability of in-the-wild exploitation, but an exposed, unpatched deployment should be treated as at risk.
Is there a vendor advisory?
Because the vendor had not responded at disclosure, an official advisory may not be available. Monitor the project's releases, security news sources and community forums for updates.