VYPR

UI

by Kafbat

CVEs (2)

  • CVE-2025-49127HigJun 6, 2025
    risk 0.51cvss epss 0.00

    Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. Version 1.1.0 fixes the issue.

  • CVE-2026-5562HigApr 5, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is…