Unrated severityNVD Advisory· Published Nov 28, 2025· Updated Nov 28, 2025
Apache Kvrocks: MONITOR command reveals plaintext credentials to non-admins
CVE-2025-59792
Description
Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks.
This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0.
Users are recommended to upgrade to version 2.14.0, which fixes the issue.
Affected products
2- Apache Software Foundation/Apache Kvrocksv5Range: 1.0.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- lists.apache.org/thread/h2pcvr5p9otc7dnj2dt2nr4b3omghddwmitrevendor-advisory
News mentions
0No linked articles in our index yet.