CVE-2025-49127

Vulnerability Description

Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. Version 1.1.0 fixes the issue.

Related Weaknesses (CWE)

CWE-502

References

https://github.com/kafbat/kafka-ui/releases/tag/v1.1.0
https://github.com/kafbat/kafka-ui/security/advisories/GHSA-g3mf-c374-fgh2
https://github.com/kafbat/kafka-ui/security/advisories/GHSA-g3mf-c374-fgh2

FAQ

What is CVE-2025-49127?

CVE-2025-49127 is a documented vulnerability. Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. ...

How severe is CVE-2025-49127?

CVSS scoring is not yet available for CVE-2025-49127. Check NVD for updates.

Is there a patch for CVE-2025-49127?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.